What is your cybersecurity need?
Protect your evolving assets.
Scale app security across the SDLC.
Build your brand and protect your customers.
Meet compliance requirements and more.
Reshaping the way companies find and fix critical vulnerabilities before they can be exploited.
The first step in receiving and acting on vulnerabilities discovered by third-parties.
Continuous testing to secure applications that power organizations.
Establish a compliant vulnerability assessment process.
Highly vetted, specialized researchers with best-in-class VPN.
Enhance your hacker-powered security program with our Advisory and Triage Services.
Home > Blog > Bounty
Today, GitLab announced that they have awarded $1 million in bounties to hackers on HackerOne. To learn more about the open-source tool’s security strategy and commitment to transparency, we sat down with security managers James Ritchey and Ethan Strike. Read on for a glimpse into our conversation.
The Cloud Native Computing Foundation (CNCF) today launched the Kubernetes bug bounty program on HackerOne. The Kubernetes bug bounty program is yet another layer of security assurance that will reward researchers who find vulnerabilities in the container orchestration system. Bounties will range from $100 to $10,000. All reports will be thoroughly investigated by the Kubernetes Product Security Committee, a set of security-minded Kubernetes community volunteers.
Open source software powers HackerOne. As part of our mission to make the internet safer, we want to make it easier for your open source project to remain secure, so we’re joining GitHub Security Lab. Read on for more on why we’re joining, new free offerings for open source projects from HackerOne, and new open source targets for hackers from GitHub and HackerOne.
Bug bounty tips from a Paranoid: hackers as an extension of your security team, honoring the security page as a contract with hackers, investing in the community through things like Live Hacking events, and using the outside perspective from the hacker community to strengthen their entire SDLC.
Security is a top priority for e-commerce giant Shopify, with over 600,000 businesses in 175 countries trusting them to sell online and everywhere in the world. Shopify's Vice President of Security Engineering and IT, Andrew Dunbar and HackerOne’s Luke Tucker discuss best practices for testing and securing cloud-based web applications.
Hackers, congratulate yourselves on an incredible milestone, earning $50M+ for your contributions to a safer internet. HackerOne’s mission is to empower the world to build a safer internet, and you are the heroic individuals making that mission a day-to-day reality. Thank you for inspiring us with your creativity and talents. Keep pursuing the flags, squashing the bugs, and sharing the knowledge. Together. We. Hit. Harder. Happy hacking one and all!
A huge milestone towards a safer internet, better lives, and communities for hackers, HackerOne is celebrating hackers and the path to $50M in bounties!
Oath has surpassed over $1,000,000 bounties paid to hackers for their help to significantly decrease risk and reduce Oath’s attack surface. However, bugs aren’t all Oath received from the security community. They also heard a ton of feedback that they’ve accounted for in five changes to their program policy. Check them out!
This month, Zomato is celebrating the first anniversary of its bug bounty program. Since launching in July 2017, the company has paid out over $100,000 to over 350 hackers for their efforts, all while maintaining an average response time of 4 hours. We recently caught up with Prateek to celebrate the milestone and give you a chance to learn more about Zomato’s approach to bug bounties and security.
Before you propose a bug bounty program to your organization, you need a comprehensive plan. That’s just one of the many takeaways offered on a recent podcast from KPMG’s Advisory Institute, which publishes content related to business performance, technology, risk management, and more.