Security testing that matches your priorities and needs.Apply Now
Open source software powers HackerOne. It powers our software, our infrastructure, and our model for engaging with our community. As part of our mission to make the internet safer, we want to make it easier for your open source project to remain secure.
As such, we offer a version of our popular HackerOne Bounty program for free to eligible open source projects. Use HackerOne to coordinate vulnerability reports, pay out bug bounties, and more.
HackerOne Community Edition gives you access to the most trusted hacker-powered security platform. With HackerOne, your contributors, users, and hackers will have a safe, place to submit vulnerability reports, making it easier for you to keep your project secure.
Your Security Page declares your project's vulnerability coordination policy to hackers.
Each hacker's historic performance on the platform. Helpful for building community.
Start by inviting a few trusted hackers in a private program by reputation or username.
Integrated tools for discussing submitted vulnerabilities from your community.
Utilize our API to sync your data with your internal data analytics tool.
Query more advanced metrics to track metrics measuring your program's ROI.
Intelligent Pattern matching finds common issues and identifies duplicate reports.
Entirely free for eligible open source projects*.
* Free HackerOne Professional subscription. If you pay out cash bounties, HackerOne will charge the usual 20% payment processing fee.
Projects in scope must only be Open Source projects that are covered by an OSI license.
Projects must be active and at least 3 months old (age is defined by shipped releases/code contributions).
You add a SECURITY.md in your project root that provides details for how to submit vulnerabilities (example).
Display a link to your HackerOne profile from either the primary or secondary navigation on your project's website.
You maintain an initial response to new reports of less than a week.
To apply, submit the form below and include the name of your project, your project website, and share some details about why you would like to receive HackerOne Community. Please note: all approvals at the discretion of HackerOne and decisions are final.Apply Now