Security News

HackerOne hires new leaders to drive the product roadmap
2021-05-21 22:30

HackerOne announced that it is doubling down on its investment in innovation with the hiring of new leaders to drive the product roadmap. HackerOne is investing in innovative solutions for customers and hackers, integrations into existing security operations workflows, and a broader use of vulnerability data.

HackerOne partners with SecurityScorecard to evaluate corporate and supply chain cyber risk
2021-05-12 23:15

HackerOne and SecurityScorecard announced an integrated solution that uses hacker-powered security signals and data as a leading indicator for evaluating corporate and supply chain cyber risk. By seamlessly integrating the HackerOne API into the SecurityScorecard platform, users will now be able to showcase their bug bounty and vulnerability disclosure efforts in their scorecards and gain visibility into how their suppliers and partners are deploying these programs within their own environments.

Hacker earns $2 million in bug bounties on HackerOne
2020-12-24 08:20

Inhibitor181 is the first bug bounty hunter to earn more than $2,000,000 in bounty awards through the vulnerability coordination and bug bounty program HackerOne. HackerOne says that, so far, only 9 bug bounty hunters have earned $1 million on the platform, with Jon Colston being the ninth hacker to reach this goal after reporting over 170 vulnerabilities in government and enterprise organizations.

HackerOne making its debut in AWS Marketplace
2020-12-07 00:30

HackerOne announced that it is making its debut in AWS Marketplace. Amazon Web Services customers can now find and purchase services from HackerOne in AWS Marketplace, a curated digital catalog of software, data, and services that run on AWS. HackerOne is one of the first comprehensive security solutions providers to quote and contract services in AWS Marketplace.

Bug Bounty Hunters Earned Over $4M for XSS Flaws Reported via HackerOne in 2020
2020-10-30 09:38

In a report published this week, HackerOne reveals that XSS flaws accounted for 18% of all reported issues, and that the bounties companies paid for these bugs went up 26% from last year, reaching $4.2 million. The second most awarded vulnerability type in 2020, HackerOne says, is Improper Access Control, which saw a 134% increase in occurrence compared to 2019, with a total of $4 million paid by companies in bug bounty rewards.

HackerOne introduces integrations and partnerships to connect and defend customers
2020-10-27 01:00

HackerOne introduced a set of strategic integrations and partnerships that make it easy to integrate HackerOne data with existing security and development workflows. Announced at the fourth annual Security conference, the integrations seek to ensure the HackerOne platform fits into customers' existing security workflow with minimal friction, enabling them to identify, prioritize, and respond to threats in real time.

It's been a vintage year for bug bounty hunters, says HackerOne as it boasts of $40m+ passing through its treasure chests
2020-09-22 21:06

Bounty-hunting hackers are uncovering new vulnerabilities every two minutes on average, according to bug bounty platform HackerOne. "Mickos rejected the idea that ethical hackers deprived of a legitimate bug bounty market would instead sell newly discovered vulnerabilities to black hats for exploitation, saying:"If we didn't organise this program, the vulnerabilities would not be sold to criminals.

HackerOne Paid Out Over $107 Million in Bug Bounties
2020-09-22 13:10

Hacker-powered bug hunting platform HackerOne on Tuesday announced that it paid more than $44.75 million in bounty rewards over the past 12 months, with the total payouts to date surpassing $107 million. Signups went up 59% as result of the global coronavirus crisis, while the number of submitted bug reports went up 28%. In the months immediately following the start of the COVID-19 pandemic, organizations paid 29% more bounties, with the total paid in bounties going up 87% compared to last year.

Verizon, PayPal, Uber Paid Out Most Through Bug Bounty Programs on HackerOne
2020-06-30 13:03

HackerOne on Monday released a list of the companies that have paid out the most money through their bug bounty programs. According to HackerOne, Verizon has paid out more than $9.4 million since the launch of its program in February 2014, with a top bounty of $70,000 and an average first response time of 8 hours.

Sony Launches PlayStation Bug Bounty Program on HackerOne
2020-06-25 10:41

Sony this week announced the launch of a public PlayStation bug bounty program in partnership with hacker-sourced vulnerability hunting platform HackerOne. Previously, the company ran a private bug bounty with some researchers only, but says that it has come to realize that the research community plays an important role in improving security, and that the newly launched program builds on that realization.