What is your cybersecurity need?
Protect your evolving assets.
Scale app security across the SDLC.
Build your brand and protect your customers.
Meet compliance requirements and more.
Reshaping the way companies find and fix critical vulnerabilities before they can be exploited.
The first step in receiving and acting on vulnerabilities discovered by third-parties.
Continuous testing to secure applications that power organizations.
Establish a compliant vulnerability assessment process.
Highly vetted, specialized researchers with best-in-class VPN.
Enhance your hacker-powered security program with our Advisory and Triage Services.
Home > Blog > From The CEO
We start the new year of 2020 with great prospects. First of all, 2019 turned out to be a massive success for hacker-powered security. HackerOne paid out over $35,000,000 in bounties to hackers all over the world.
The merciless killing by police of George Floyd laid bare, once again, the institutionalized racism that plagues the USA. It is worse than racism. What we witnessed was white supremacy and institutional approval of violence against Black people. There are other alarming examples of structural racism and brutality around the world. Racism exists because collectively we allow it to exist.
Today we celebrate with all our hackers the phenomenal milestone of a hundred million dollars in bounties. Hack for Good! Yet we should know that we are only getting going. The digital world is not safe and secure yet. Much more work awaits us. We have one hundred million more bugs to find.
Our civilization is going digital. That’s fantastic. Unfortunately, our software is not secure enough to carry a digital and connected civilization. When systems get breached, people can’t trust the digital world. In a way, we try to do too much. Our innovation is outpacing security and privacy. Something must be done. This is the HackerOne commitment: As long as our digital world is plagued by vulnerabilities, we will continue to hack for the good of our connected society.
With enough hackers, all security vulnerabilities are shallow. There is no better way to know the security of your systems than inviting a diverse community to report your weaknesses. On behalf of grateful customers, we have awarded over $42M in rewards to the do-gooders - the hackers. We will end 2018 with a business that has grown 10X in just 3 years.
Today we celebrate cyber defense. The U.S. Department of Defense’s Defense Digital Service (DDS) announced expansion of the Hack the Pentagon crowdsourced security program and partnership with HackerOne. HackerOne is one of three vendors to be awarded a contract as part of the Hack the Pentagon expansion to run private assessments against sensitive, internal systems.This is in addition to HackerOne’s existing contract for public facing assets. As we applaud the DoD’s continued effort to help drive security innovation, let us also revisit how far we’ve come together and what lies ahead.
We are seeing tremendous growth at HackerOne. Bug bounty programs, vulnerability disclosure policies, and crowdsourced pentests are needed by anyone entrusted with protecting customer data. To serve our rapidly expanding customer base, we have tripled our headcount in the past 12 months and opened new offices in New York, Washington D.C. and Singapore, in addition to our San Francisco, London and Netherlands offices. We have recently hired two outstanding executives. Debbie Chang joined as VP of Business Development and Policy to establish partnerships with those who care about cyber risk management. Jeff McBride joins as our new VP of Customer Success to expand that operation and build new advanced service offerings that make the most of the ingenuity and skill of our enormous hacker community. HackerOne is a company driven by our mission and united by our values.
The best way to prevent getting hacked is to try to get hacked. Paradoxical as this may sound, evidence shows it is true. The worst data breaches the world has seen were with companies that did not invite external security researchers to report their findings. But by hunting for their security vulnerabilities, organizations can ensure the weak points are found and fixed before they are identified by criminals. Open sourcing security is the way.
The more the world gets hacked, the more we need hackers. We need white hats. They will find vulnerabilities so we can fix them and not get breached.
It is easy to focus on the sorry state of security and the millions of records that were lost, but it was also a year of great progress. Tens of thousands of security vulnerabilities were eliminated with help from hackers. The optimist in us points to the breaches that did NOT happen last year as a result.