What is your cybersecurity need?
Protect your evolving assets.
Scale app security across the SDLC.
Build your brand and protect your customers.
Meet compliance requirements and more.
Reshaping the way companies find and fix critical vulnerabilities before they can be exploited.
Test your organization's security preparedness with HackerOne Assessment.
Establish a compliant vulnerability assessment process.
The first step in receiving and acting on vulnerabilities discovered by third-parties.
Continuous testing to secure applications that power organizations.
Highly vetted, specialized researchers with best-in-class VPN.
Enhance your hacker-powered security program with our Advisory and Triage Services.
Home > Blog > bounty
Are you looking for examples of bug bounties? We’ll explain what bug bounties are and show you how they work step-by-step using actual examples.
The world’s most popular women’s health app, Flo Health, is responsible for the sensitive health data of 40 million women. With that much PII under their purview, Flo Health’s CISO knew that enabling his security team with the most advanced security testing methods was of the utmost importance to brand trust and user loyalty.
Looking for bug bounty examples? We’ll explain what bug bounties are, and show you how they work step-by-step using examples of actual bug bounties.
Trying to understand the difference between a bug bounty vs. CTF? We explain the differences, the similarities, and the benefits of each.
Vulnerability scanning helps companies identify possible ways an attacker could exploit vulnerabilities that might cause outages, allow unauthorized network access, or acquisition of privileged information. Outdated software products, unpatched operating systems, and misconfigured hardware often lead to vulnerabilities.
We recently sat down with Abhijith Chandrashekar, PSIRT Manager at Citrix, to discuss why Citrix continues to expand their bug bounty program and learn about their cloud security and scope expansion plans. Read on to see what he had to say.
Hundreds of HackerOne customers use our platform in their application security processes. For the most part, these are organizations using bug bounty to find vulnerabilities in their deployed applications. But there is so much more that we can do for development teams
Last week, HackerOne joined WhiteSource, AWS, and IGT for a roundtable discussion about the new security challenges of digital transformation. The panel discussed cloud security, software supply chain security, and vulnerability disclosure programs as examples of proactive approaches organizations can take to mitigate their risk.
I was still digesting last week’s fascinating roundtable with Nicole Perlroth, cybersecurity journalist and author of This Is How They Tell Me The World Ends, when the news broke that the US’s biggest fuel pipeline had been taken out by a ransomware attack. Nicole’s closing prediction that cyber criminals, emboldened by their success in targeting hospitals with ransomware, would move onto other critical infrastructure, was coming true before my eyes.
On World Password Day, I’m not going to talk about passwords. At the end of last year, HackerOne ran an exclusive campaign with a select group of hackers in which we challenged them to look for information exposures for 11 customers. The data found by the hackers included everything from passwords and authentication tokens to sensitive documents. No matter how secure your passwords are, your data is out there in different clouds and across various third-party vendors — it's only a matter of time before a leak puts your brand at risk.