Curated Research, Total Visibility, Complete Confidence
HackerOne Clear brings advanced vetting, increased security, and fine-tuned control to your security programs. Partner with proven, ID-verified, and background-checked security researchers with the skills and reputation to match your specific needs. Clear adds customizable digital agreements to meet legal and compliance requirements and the option to use our proprietary VPN technology for unmatched control.
Focused Access
HackerOne Clear can be added to any HackerOne private program, bolstering your existing security efforts with Advanced Vetting and Gateway. Advanced Vetting connects you with talented, ID-verified, and background-checked security researchers from the world’s largest community of security experts, providing 24/7/365 coverage for your most sensitive internal assets. Our proprietary VPN technology, Gateway, routes your researchers while adding verified auditability and control. It all complies with regulations, standards, and audit-based requirements for HIPAA BAAs, NDAs, and more.
Proven Success
Researchers vetted by Clear hail from over 60 countries and have identified over 43,000 valid vulnerabilities, including over 8,600 critical and high severity vulnerabilities. Specialized Clear researchers also have varying levels of U.S. Federal government clearances.
Advanced Vetting Strict Background Checks and Customizable Agreement for More Confidence
Advanced Vetting gives even the most risk-averse organizations the confidence to bring trusted security researchers into their security programs. It screens researchers using background checks, custom digital agreements, and Reputation score and code of conduct reviews, and adds a real-world skills validation to ensure researchers have the expertise to uncover high-impact vulnerabilities.
Gateway Secure VPN for Enhanced Visibility Control
Gateway routes all security program traffic through HackerOne’s proprietary VPN technology, providing the additional transparency and control required by highly-regulated customers. Gateway even enables external security researchers to test internal or pre-production assets with IP whitelisting and granular controls down to the individual researcher. Security teams get a simple, Web-based admin UI to easily and granularly manage researchers. It features split tunnel, finder-level segregation, and logging with SSL decryption.
Transparency and Control
Confident Assurance
- Know your researchers. Partner with ID-verified and background-checked security researchers who have the right skills and experience.
- Ensure compliance. Comply with regulations, standards, and audit-based requirements for HIPAA BAAs, NDAs, and more.
Controlled Access
- Maintain control. Gain visibility with HackerOne’s Gateway VPN.
- Secure any scope. Enables secure testing across the most sensitive internal or external attack surfaces.
Access the World’s Elite Security Researchers
Only the most elite security researchers are chosen to participate in HackerOne Clear programs. These experts have a pristine track record of following program policies and adhering to HackerOne’s Code of Conduct. Past reports must be comprehensive, clear, and complete. If a HackerOne Clear program explicitly requires testing via Gateway VPN, security researchers will adhere to that restriction as outlined in the policy page.
Rigorous Vetting for Quality and Security
The best security researchers want to work with organizations who demand more. But they also expect more: transparency, a speedy resolution of reported issues, and public recognition. They look for a rich bounty table structure, an engaging and competitive scope, and a direct relationship with your program management team to continuously improve the program.
In Their Words
More Resources
Better Security — ownCloud and HackerOne
Learn More
CISO’s Guide To Reducing Risk with Responsible Disclosure
Learn More
The Beginners’ Guide to Bug Bounty Programs
Learn More
PayPal Resolves 300 Vulnerabilities in First Year on HackerOne
Learn More
Upserve Resolves Over 85 Bugs in Two Years
Learn More
Meet HackerOne: The New Way of Doing Security
Learn More
Hacker-Powered Security Report 2019
Learn More
Hacker-Powered Data - Security Weaknesses and Embracing Risk with HackerOne
Learn More
Why Leading Businesses are Turning to Crowdsourced Security for Web Apps
Learn More
Global Security Threats Require Global Security Coverage
Learn More
European Union Open Source Bug Bounty Programme Customer Story
Learn More
Priceline Launches Public Bug Bounty Program: Q&A with Matt Southworth
Learn More
Program Insights from the PayPal Security Team
Learn More
Achieving SOC 2 Type II Compliance with Hacker-Powered Security
Learn More
Inside the GitLab Public Bug Bounty Program
Learn More
Q&A with Brian Neely, CIO & CISO of American Systems
Learn More
Fanduel’s Liam Somerville: Hackers Are an Extension of the Security Team
Learn More
How GM Works With Hackers To Enhance Their Security
Learn More
Top 20 Public Bug Bounty Programs of All Time
Learn More
Sonatype and HackerOne Team Up to Make Open Source Safer
Learn More
Meet PCI DSS Requirements for Assessing Vulnerabilities with Crowdsourced Security Testing
Learn More
Forrester Study on the Total Economic Impact of Crowdsourced Pen Tests
Learn More
What Every Security Leader Needs to Know Handbook
Learn More
Secure from the Start: The Complete Guide for Entrepreneurs
Learn More