So, who are these hackers that are reporting vulnerabilities to companies?

At HackerOne we get asked this question a lot. HackerOne created the 2016 Bug Bounty Hacker Report to share insights about the hacker community and to give hackers the exposure deserved as vital actors in our modern digital society. For the ‘2016 Bug Bounty Hacker Report,’ we surveyed 617 successful hackers on HackerOne. We define a successful hacker as one who has submitted at least one valid security vulnerability on HackerOne. 

The visual complement to the Bug Bounty Field Manual: The definitive guide on how to plan, launch, and operate a successful bug bounty program for beginners.

We have created the most comprehensive, educational, practical, and valuable resource ever about the ins and outs of running a successful bug bounty program and now we've turned it into a simple one-page graphic.

12 steps broken down with chapter references and additional resources one-click away.

We also include an exclusive toolkit of FREE templates to equip you on your way to the bug bounty promised land.

We have created the most comprehensive, educational, practical, and valuable bug bounty guide ever about the ins and outs of running a successful bug bounty program.

Written by our Chief Bounty Officer, Adam Bacchus, this comprehensive bug bounty guide covers everything you need to know about creating and running a world-class bounty program.

• Get the best tips and examples from real bounty programs.
• Learn how to set bounty values and pay hackers.
• See how bounties fit within your current security efforts.

Read the infographic to see key findings of this cyber security and hacking survey report (including some shocking results about employees view of their employers cyber security efforts and their perspective on cyber security in the Trump administration).

Internet security is not only something that Americans have to be mindful of in their daily, personal lives, but also something that needs to be top-of-mind while at work.

Security Teams have launched hundreds of bug bounty programs with HackerOne, and each has found a unique path to success based on their individual needs. Yet measurable patterns emerge when we dive into HackerOne's bug bounty data across these hundreds of programs. For companies new to bug bounty programs, we have collected these insights to help demonstrate the factors and bug bounty strategies that successful programs share. You can expect to find key benchmarks, and a better understanding of the levers that will drive improvement in each dimension of a successful program.

More companies use HackerOne for their bug bounty programs than any other platform. The best companies have learned how to work with hackers - managing communications, expectations, and payments. Satisfied hackers learn about your software and unearth juicy bugs that can dramatically improve your true security. Read the guide to learn: