The United Kingdom’s Ministry of Defence (MoD) announced the conclusion of its first bug bounty challenge with HackerOne. The Ministry of Defence program was a 30-day, hacker-powered security test...
HackerOne announced a new workflow automation integration with GitHub that enables the tracking and synchronization of high-priority vulnerability reports between HackerOne and GitHub. HackerOne is making its debut on GitHub's Marketplace.
HackerOne announced that it is doubling down on its investment in innovation with the hiring of new leaders to drive the product roadmap. HackerOne is investing in innovative solutions for customers and hackers, integrations into existing security operations workflows, and a broader use of vulnerability data.
HackerOne and SecurityScorecard announced an integrated solution that uses hacker-powered security signals and data as a leading indicator for evaluating corporate and supply chain cyber risk. By seamlessly integrating the HackerOne API into the SecurityScorecard platform, users will now be able to showcase their bug bounty and vulnerability disclosure efforts in their scorecards and gain visibility into how their suppliers and partners are deploying these programs within their own environments.
Inhibitor181 is the first bug bounty hunter to earn more than $2,000,000 in bounty awards through the vulnerability coordination and bug bounty program HackerOne. HackerOne says that, so far, only 9 bug bounty hunters have earned $1 million on the platform, with Jon Colston being the ninth hacker to reach this goal after reporting over 170 vulnerabilities in government and enterprise organizations.
HackerOne announced that it is making its debut in AWS Marketplace. Amazon Web Services customers can now find and purchase services from HackerOne in AWS Marketplace, a curated digital catalog of software, data, and services that run on AWS. HackerOne is one of the first comprehensive security solutions providers to quote and contract services in AWS Marketplace.
In a report published this week, HackerOne reveals that XSS flaws accounted for 18% of all reported issues, and that the bounties companies paid for these bugs went up 26% from last year, reaching $4.2 million. The second most awarded vulnerability type in 2020, HackerOne says, is Improper Access Control, which saw a 134% increase in occurrence compared to 2019, with a total of $4 million paid by companies in bug bounty rewards.
HackerOne introduced a set of strategic integrations and partnerships that make it easy to integrate HackerOne data with existing security and development workflows. Announced at the fourth annual Security conference, the integrations seek to ensure the HackerOne platform fits into customers' existing security workflow with minimal friction, enabling them to identify, prioritize, and respond to threats in real time.
Bounty-hunting hackers are uncovering new vulnerabilities every two minutes on average, according to bug bounty platform HackerOne. Mickos rejected the idea that ethical hackers deprived of a legitimate bug bounty market would instead sell newly discovered vulnerabilities to black hats for exploitation, saying: "If we didn't organise this program, the vulnerabilities would not be sold to criminals."
Hacker-powered bug hunting platform HackerOne on Tuesday announced that it paid more than $44.75 million in bounty rewards over the past 12 months, with the total payouts to date surpassing $107 million. Signups went up 59% as a result of the global coronavirus crisis, while the number of submitted bug reports went up 28%. In the months immediately following the start of the COVID-19 pandemic, organizations paid 29% more bounties, with the total paid in bounties going up 87% compared to last year.