"The flexibility of the platform and depth of the HackerOne community has made it a perfect fit for GoodRx."

"HackerOne has been much more successful at finding problems than general penetration tests have been for us."

"We can’t strive to be a great security team without you! You are part of my team!"

"We believe there is immense value in having a bug bounty program as part of our cybersecurity strategy, and we encourage all companies, not just those in the hospitality industry, to take a similar approach and consider bug bounty as a proactive security initiative."

"If our bug bounty program can find at least one critical vulnerability per quarter for two or three quarters in a row, we know the program is worth the money we spend on it."

"Having a bug bounty program is not an option, it's essential. Scaling internal testing can only go so far, working with the community helps uncover issues we may not have."

"Collaboration with HackerOne, in addition to Adobe’s pentests, uncovers unique vulnerabilities while helping Adobe meet customer security expectations. We’re leveraging the HackerOne platform for reporting, ticketing automation, and taking action on further details on vulnerabilities reported."

"Adobe's products are more secure thanks to our security team's collaboration with HackerOne and the security researchers we get to work with."

"We tried pen testing before and found it very expensive and practically useless. The first week we launched HackerOne they found several high priority bugs. Huge value at the fraction of the costs."

"HackerOne is a well-known platform across the information security community which aggregates the most successful bug bounty programs to date."

"The (HackerOne) triage team is like an extension of our own team. Worth every penny."

“If you're going into a bush blind, you don't know what's going to happen.”

“No one had done this before take a doll, put in a chip, connect to WiFi and hit an API. Our customers immediately saw the importance of that.”

"We obviously can’t hire enough engineers to protect against every possible vulnerability, but we can use our bug bounty program to add on-demand expertise where we need it and continuous coverage nearly everywhere else."

"There is a lot of education left to do, both to producers and customers of security-critical code. We hope bug bounty programs becomes an industry-standard, for the sake of security and stability of the entire industry."