"We chose HackerOne as it not only connected us to an existing community of seasoned security researchers but also offered productivity features that automated aspects of the bug bounty triage process."

“Since the HackerOne Triage team is wellcalibrated on our scope, they offload some of the work from our security team, such as report triage, identifying duplicated reports, and scope mismatch. In other words, the HackerOne Triage team acts as an extension to our security team.”

"Hai gives us actionable suggestions that have eliminated busy work, so we can complete tasks faster and think strategically about continuously improving our overall cybersecurity posture."

“If you're going into a bush blind, you don't know what's going to happen.”

"The program has been successful because of the continued contributions from diverse, talented researchers."

"The program with HackerOne has surfaced the most interesting results across all of our AI testing and is by far the most cost-effective."

"If our bug bounty program can find at least one critical vulnerability per quarter for two or three quarters in a row, we know the program is worth the money we spend on it."

“The third party inspection of code adds a layer of confidence to ownCloud’s over 8M users and administrators. Enterprises know their deployment has undergone the rigors of ownCloud QA, their own testing, and the bounty-driven testing of security experts resulting in more secure file sharing for many environments.”

“We plan to increase the size of our bug bounties. I am confident that HackerOne’s community of hackers will continue rising to the challenge.”

"HackerOne Code not only gives us real-time security before code goes to production, we're seeing value in getting insight from professional developers in the industry."

"With HackerOne and their triage services we now have a sturdy database with ticketing capabilities. Here at AlienVault we’ve also taken advantage of their 3rd party ticketing system integration so once the triage team deems a ticket both a valid vulnerability and not a duplicate, we create a ticket directly …

"Security is at the core of everything Coinbase does. HackerOne is essential to our ability to build a strong community and safe customers through engaging and rewarding the best ethical security researchers."

"HackerOne has been much more successful at finding problems than general penetration tests have been for us."

"Security bugs are going to be reported and they’re going to throw a wrench in your plans for the sprint/ month/quarter."

"A greater amount of diverse vulnerabilities allows us to identify and improve our SDL more efficiently and to keep learning new trends and approaches about vulnerabilities, new attack vectors, and blind spots."