"At Qualcomm, the security researchers we have worked with are not motivated by financial gains. Instead, they want to help us make our products more secure in order to protect more people."

"HackerOne has been much more successful at finding problems than general penetration tests have been for us."

"Hai gives us actionable suggestions that have eliminated busy work, so we can complete tasks faster and think strategically about continuously improving our overall cybersecurity posture."

"We need to move to a world. Where all companies providing internet services and devices adhere to a vulnerability disclosure policy."

"HackerOne fits naturally into how our team works, helping us respond and escalate quickly while keeping human judgment at the center. Anywhere, Anytime."

“HackerOne programs are a fundamental part of our cybersecurity strategy.”

“Over time, we’ve established secure development methodologies and quality testing schemes for the release of new components and changes to the platform, including the creation of a specific channel to address hacker reports, which are prioritized and included in the current sprint.”

"With a normal pentest, you don’t get vulnerability reports until the engagement is over. That’s not ideal, because it means vulnerabilities go unfixed for longer, and you can’t have issues retested without booking a whole new engagement. HackerOne Pentest solved both of these problems for us, and enabled us to …

"The program has been successful because of the continued contributions from diverse, talented researchers."

"We chose HackerOne as it not only connected us to an existing community of seasoned security researchers but also offered productivity features that automated aspects of the bug bounty triage process."

"Security bugs are going to be reported and they’re going to throw a wrench in your plans for the sprint/ month/quarter."

“If you're going into a bush blind, you don't know what's going to happen.”

“We want to see a world where a launch means something regarding security. Buyers banding together to require minimum mandatory bug bounties would send a signal to new companies that they have to secure their users before they can make a sale.”

"HackerOne’s program overview provides deeper visibility into our program health. Our team can identify specific periods where targets are being hit and missed, and course-correct as necessary."

"Working with HackerOne, we have had a solid return on investment while reducing risk. Zebra has scaled our security program across the different product offerings within HackerOne from security assessments for product releases, bug bounty for continuous testing, and a mechanism for third-party security researchers to submit vulnerabilities."