55 HackerOne Testimonials

"One of the best ways for us to augment our internal security team is to work with the white hat community. This was a pain before HackerOne but now is significantly easier."

"We chose HackerOne as it not only connected us to an existing community of seasoned security researchers but also offered productivity features that automated aspects of the bug bounty triage process."

"We decided that we needed a more diverse group of testers, while still meeting and exceeding compliance standards, which is what led us to HackerOne and the hacker-powered security model."

"With a normal pentest, you don’t get vulnerability reports until the engagement is over. That’s not ideal, because it means vulnerabilities go unfixed for longer, and you can’t have issues retested without booking a whole new engagement. HackerOne Pentest solved both of these problems for us, and enabled us to get months worth of value from a single engagement."

"The (HackerOne) triage team is like an extension of our own team. Worth every penny."

"We are employing strategies and programs, like our VDP with HackerOne, with the sole purpose of protecting our customers, their vehicles and their data."

“HackerOne programs are a fundamental part of our cybersecurity strategy.”

“Over time, we’ve established secure development methodologies and quality testing schemes for the release of new components and changes to the platform, including the creation of a specific channel to address hacker reports, which are prioritized and included in the current sprint.”

"Our public bug bounty program is as important to the security of our product and company as any other program we run within our Security Team."

"We believe there is immense value in having a bug bounty program as part of our cybersecurity strategy, and we encourage all companies, not just those in the hospitality industry, to take a similar approach and consider bug bounty as a proactive security initiative."

“It's about maintaining trust with our merchants. Entrepreneurs are running their businesses and they don't want to worry about security, so we have to ensure any issue gets addressed. HackerOne provides a return on our investment through its large community of talent and by taking care of administration, vetting researchers and handling payments.”

"Security is not a one-time thing, but a continuous cycle. We know that there are always going to be bugs in software development. As we develop, and as we iterate, we want to make sure security is an active part of that process, and never a roadblock to innovation. The HackerOne bug bounty program allows us to put another cog in the wheel of security."

"We take advantage of the triaging services to help with our workload."

"HackerOne is a well-known platform across the information security community which aggregates the most successful bug bounty programs to date."

"We have an industry-leading vulnerability disclosure program that protects ethical researchers and partnered with HackerOne to include sensitive vendors in the scope of our bug bounty program to help protect our entire ecosystem. Our hope is that bug bounty programs like ours continue to spearhead a culture of collaboration and transparency that benefits cybersecurity as a whole."