
HackerOne Community Edition
Security testing that matches your priorities and needs.

Hacker-Powered Security for the Open Source Community
Open source software powers HackerOne. It powers our software, our infrastructure, and our model for engaging with our community. As part of our mission to make the internet safer, we want to make it easier for your open source project to remain secure.
As such, we offer a version of our popular HackerOne Bounty program for free to eligible open source projects. Use HackerOne to coordinate vulnerability reports, pay out bug bounties, and more.

Security by the Community, for the Community
HackerOne Community Edition gives you access to the most trusted hacker-powered security platform. With HackerOne, your contributors, users, and hackers will have a safe, place to submit vulnerability reports, making it easier for you to keep your project secure.
* Free HackerOne Enterprise subscription. If you pay out cash bounties, HackerOne will charge a 5% payment processing fee.
Trusted By
Requirements
- Open Source Projects
Projects in scope must only be Open Source projects that are covered by an OSI license. - Be Ready
Projects must be active and at least 3 months old (age is defined by shipped releases/code contributions). - Create a Policy
You add a SECURITY.md in your project root that provides details for how to submit vulnerabilities (example). - Advertise Your Program
Display a link to your HackerOne profile from either the primary or secondary navigation on your project’s website. - Be Active
You maintain an initial response to new reports of less than a week.
Community Edition Application
To apply, submit the form below and include the name of your project, your project website, and share some details about why you would like to receive HackerOne Community. Please note: all approvals at the discretion of HackerOne and decisions are final.