"We decided that we needed a more diverse group of testers, while still meeting and exceeding compliance standards, which is what led us to HackerOne and the hacker-powered security model."

"Being able to have issues retested during the same engagement is a game-changer. That’s something that hasn’t been available in the past because traditionally, you didn’t receive the results of a penetration test until after the engagement was over."

"Every organization has blind spots. Having the hacker community on the other side of the screen looking at those things you’ve missed means you can close those holes."

"With HackerOne and their triage services we now have a sturdy database with ticketing capabilities. Here at AlienVault we’ve also taken advantage of their 3rd party ticketing system integration so once the triage team deems a ticket both a valid vulnerability and not a duplicate, we create a ticket directly …

"At Qualcomm, the security researchers we have worked with are not motivated by financial gains. Instead, they want to help us make our products more secure in order to protect more people."

"AI red teaming allows us to explore the possibilities of what attackers might achieve—not just what’s likely. Working with HackerOne has shown us that human ingenuity often outperforms adversarial datasets or AI-generated attacks."

"Hitting $1M in bounties is a badge of honor. It reflects our commitment to valuing the intelligent security researchers who help keep us safe. Bug bounty programs are notoriously difficult to build, but HackerOne’s talented community provides us with the expertise and creativity we need to secure our platform. Our …

“As the world’s first ephemeral messaging platform, our customers unequivocally expect privacy and security from our products. Maintaining these principles to a high bar is vital for our company.”

“We want to see a world where a launch means something regarding security. Buyers banding together to require minimum mandatory bug bounties would send a signal to new companies that they have to secure their users before they can make a sale.”

"Our researcher community’s approach is rooted in curiosity, creativity, and the relentless pursuit of finding flaws others might miss. This mindset is distinct from building and reinforcing technical models, yet it’s an essential complement. While internal teams focus on defending and aligning AI systems, engaging with a community of researchers …

"We’ve received a lot of guidance (on working with hackers) from HackerOne and it's been a great experience."

"Security bugs are going to be reported and they’re going to throw a wrench in your plans for the sprint/ month/quarter."

"When the same internal teams are testing an application for a long time, they lose that ‘fresh-eye’ perspective that often helps in finding interesting bugs."

"We believe there is immense value in having a bug bounty program as part of our cybersecurity strategy, and we encourage all companies, not just those in the hospitality industry, to take a similar approach and consider bug bounty as a proactive security initiative."

"Working with HackerOne, we have had a solid return on investment while reducing risk. Zebra has scaled our security program across the different product offerings within HackerOne from security assessments for product releases, bug bounty for continuous testing, and a mechanism for third-party security researchers to submit vulnerabilities."