Report

Hacker-Powered Security Report 2019

Get your copy of The 2019 Hacker-Powered Security Report

All Resources

Case Studies

Guides

Reports

Webinars

Videos

Infographics

Case Study
During that time, Upserve’s security team has resolved over 85 valid vulnerabilities thanks to hackers, paying $68,000 in bounties along the way.
Report
Get your copy of The 2019 Hacker-Powered Security Report
Report
Cybercriminals are exploiting application vulnerabilities to carry out increasingly devastating attacks. But standard prerelease scanning and pentesting services fail to detect these key vulnerabilities.
Report
Ever wonder who runs the biggest, fastest, and most lucrative bug bounty programs on the HackerOne platform? Now you can find out!
Webinar
Join Forrester Analyst Amy DeMartine as she highlights trends in Application Security as well as Jonathan Lipsitz who will walk through the findings of the TEI Report
Report
Better security, more satisfied customers, and better value
Webinar
Watch this on demand webinar and learn what the Paranoids at Verizon Media have learned about their attack surface through the HackerOne program
Webinar
In this webinar, HackerOne co-founder Michiel Prins will cover the top 15 vulnerabilities types of the 100,000+ valid vulnerabilities reported across the HackerOne platform.
Webinar
Learn how collaborating with ethical hackers minimizes cyber risk and the policies that promote a "neighborhood watch” driven approach to security.
Report
The 2019 Hacker Report brings the HackerOne community to life with statistics, interviews, insights, and more from over 300,000 individuals working to make the internet a safer place.
Webinar
Learn how you can work with your QSA and auditors to meet your compliance needs.
Guide
Every security-aware organization uses penetration tests to simulate attacks, close security gaps, and fulfill compliance requirements.
Webinar
Learn how you can implement hacker-powered security strategically with your security needs and maturity in mind.
Webinar
Learn how you can work with a community of ethical security researchers to discover critical vulnerabilities, have meaningful interactions, and improve your security posture. #TogetherWeHitHarder
Video
When running a startup, it is vital to know and identify the possible threats the cyber space holds in it. CEO at HackerOne Mårten Mickos, Jesse Kinser, the Director of Product Security at LifeOmic and Frans Rosén, Security Advisor at Detectify will let you in their mindset of operating a hack-free startup.
Guide
Improve your application security by following these words of advice on how to incorporate bug bounties and crowdsourced pen tests into your DevOps pipeline
Guide
Read this new ebook to learn 4 steps MSPs can take today in response to this government alert.
Guide
In this exhaustive guide, you’ll learn: How you can easily and quickly add hacker-powered security in a step-by-step process...
Webinar
Join financial services veteran, Jason Pubal, for this informative webinar on bug bounty implementation for financial services firms. Jason will review how in an agile and devops world, bug bounty programs help align information security with the new pace of product development and enhance a penetration testing program to be more focused and valuable. 
Report
Get to know the HackerOne community of hackers and see details of the HackerOne platform and approach.
Guide
Hacker-powered security checks off each of those boxes for growth-stage startups. It’s a cost-effective means for reducing risk and improving security, while also enabling engineering scalability and efficiency.
Guide
No one migrates to the cloud to become less secure than before the migration. Read on to learn how to prevent such a security regression when migrating to the cloud.
Report
Vulnerability data and hacker-powered security adoption metrics for the financial services industry
Guide
VDPs protect companies and hackers. That’s why the U.S. Department of Justice, the European Commission, and the U.S. Food & Drug Administration recommend them.
Guide
Summary and Key Highlights of the European Parliament CEPS Task Force Report
Case Study
When customers trust you to store and manage their data in the cloud, and regulatory agencies are watching, you need more than just the traditional approach to security.
Case Study
Connecting eaters with restaurants is Zomato’s main business, so they took a hospitable approach to hackers, driving engagement and quality submissions vital to the security of Zomato’s customers and core business applications.
Webinar
Fireside Chat between Marten Mickos - HackerOne CEO and Luke Tucker, Director Content & Community, HackerOne
Case Study
Read how Nextcloud uses HackerOne to expand their security efforts while maintaining a tight budget and keeping up with speedy competitors
Case Study
Over the past 3 years, Salesforce has worked with HackerOne to accept thousands of bug reports and award bounties to more than 1,200 hackers. The results are nothing short of a resounding success.
Report
More than 40 of the top blockchain and cryptocurrency companies trust HackerOne and our community of white-hat hackers to strengthen their security and protect their users.
Report
The study on the hacker-powered security ecosystem
Guide
Read the e-book to get all the details you need to implement a complete and compliant policy. 
Infographic
HackerOne Challenge customers—from the U.S. Department of Defense and the U.S. Air Force, to GitHub to Airbnb—and 100’s more customers are embracing the hacker-powered approach to increase the value they receive from point-in-time security tests. Here’s what they had to say in their own words.
Video
Reina is with the Defense Digital Service, as part of the larger US Digital Service; those responsible for Hack the Pentagon.
Guide
What the Federal Trade Commission learned from more than 50 law enforcement actions related to data security
Guide
Don’t just check the box on your annual pen test regimen but get useful results to improve your overall security.
Report
General Motors, Toyota, Auto-ISAC, and others are setting the cybersecurity pace for the entire automotive industry to follow.
Guide
What's it like testifying in front of congress after a massive breach?
Video
HackerOne CEO Marten Mickos joins NBC anchor and reporter Scott McGrew, Gizmodo's Kate Conger, and Reuters' Heather Somerville to discuss bug bounties and the latest Hack the Department of Homeland Security Bill (HR 1281)
Case Study
Read about GM’s success of working with HackerOne and the white hat hacker community
Guide
CISO's look to Thomas for getting their GDPR questions answered. Read the full interview with Thomas as he addresses some key concerns on this hot topic
Case Study
Qualcomm's Alex Gantman shares advice and best practices on working with security researchers and running a bug bounty program
Case Study
Shopify uses bug bounties to safeguard their merchants and turn the tables on vulnerabilities...and criminals.
Report
Read HackerOne Co-Founder and CTO Alex Rice’s summary of the hearing testimony, a full transcript of the hearing testimony of HackerOne CEO, Mårten Mickos, and also included are responses to follow up questions from U.S. Senator Jerry Moran of Kansas.
Webinar
Privacy expert and DPO consultant Debra Farber presents on the GDPR requirements for the Data Protection Officer
Guide
HackerOne provides several layers of control for selecting, inviting, and approving hackers based on their Reputation metrics, past program participation, specific skills, and more. Read how it works.
Case Study
Government agencies such as the US DoD, EU Commission, Singapore MINDEF and others, trust HackerOne to manage their hacker-powered security programs. Read their success stories.
Infographic
Flashcards formatted for easy printing and sharing
Infographic
In the past 5 years, our community of hackers has earned more than $24 million in bounties—and they’re on track to earn $100 million by the end of 2020. But we’ve often wondered: what are they doing with all of that money?
Guide
See data from HackerOne platform and interview with CISO of the year, Leo Niemela
Report
The largest survey ever conducted of the ethical hacking community. See statistics and growth metrics, insights into hacker motivations and mindset, and hacker stories.
Case Study
Read how Yelp transitioned from a private bug bounty program to a public bug bounty program and their learnings and statistics
Case Study
More than 25% of websites are powered by WordPress. Learn about their security team's approach to bug bounties
Case Study
Read about the strategies Riot Games employs in their successful bug bounty program which has paid out over $1M to hackers. Teaser: respect the hackers!
Case Study
Read how the security team at Mapbox have grown from a simple vulnerability disclosure policy to a robust and competitive bug bounty program. Written by Alex Ulsh from Mapbox.
Case Study
Coinbase is the most popular way to buy and sell cryptocurrencies. Read how they increased their bounties and secure their platform with HackerOne.
Case Study
HackerOne Response is helping AlienVault manage incoming reports, triage them, and automatically create tickets on their internal ticketing system. Read how.
Guide
Why thinking like a hacker is good for business
Guide
How you can protect your code, key GDPR articles you need to read, and your plan for when vulnerabilities are discovered by third parties
Guide
A flash card reference guide to the 10 most critical web security risks of 2017
Guide
Guidance on how to most effectively respond to a breach.
Guide
See a side-by-side comparison chart of traditional pen tests and hacker-powered pen tests.
Webinar
HackerOne welcomes Allen D. Householder and Art Manion, co-authors of the 121 page CERT® Guide to Coordinated Vulnerability Disclosure, for an Ask Me Anything session around their research and thoughts on vulnerability disclosure.
Guide
We distilled the 121-page CERT Guide to Coordinated Vulnerability Disclosure into a handy cliff notes version for easy reference
Guide
16 quotes from business and government leaders on why you need a vulnerability disclosure policy in place today to avoid being Equifax tomorrow
Guide
Recommendations from The United Kingdom's Information Commissioner's Office (ICO) to Prepare for May 2018
Guide
See how Hacker-Powered Pen Tests deliver 10x the results at a fraction of the cost of traditional penetration tests
Infographic
Infographic showing how bug bounties are an invaluable tool for a secure SDLC.
Report
Our deep dive into vulnerabilities and programs for the financial services industry with new data and insights
Case Study
The U.S. Department of Defense (DoD), in a first for the U.S. Federal Government, invited white hat hackers to find security flaws in systems run by the Pentagon, Air Force, and Army.
Infographic
See some of the top companies running successful bug bounty programs on HackerOne.
Webinar
Watch this webinar to learn how to get around misguided thinking that leads to executive under investment in cyber security, and secure the resources you need.
Report
Specifically focused on the ecommerce and retail industry, this report covers data and insights from 800+ bug bounty programs.
Webinar
Scott Crawford, Research Director of Information Security at 451 Research, shares: Why having a Vulnerability Disclosure Policy is now “table stakes” and how bug bounties fit into the secure software development lifecycle
Guide
Download Vulnerability Disclosure Policy (VDP) Basics -- A complete guide for crafting an effective Vulnerability Disclosure Policy.
Infographic
A vulnerability disclosure policy (VDP) gives ethical hackers clear guidelines for reporting potentially unknown and harmful security vulnerabilities.
Guide
Get the TL;DR on 451 Research’s latest “pathfinder report” advising decision-makers on the value of bug bounties and the importance of a compliant vulnerability disclosure process.
Infographic
For your quick reference, we’ve distilled the report to 5 key trends that show how white-hat hackers are shaping the world of security.
Report
All the data from the HackerOne Hacker-Powered Security Report 2017
Report
Pictet’s Security in a digital world issue twenty-one
Guide
451 Research explores the role of bug bounties and vulnerability disclosure in the secure SDLC
Case Study
How to ensure security of the sensitive financial data for over 10,000 small and medium businesses? Run a top-tier bug bounty program.
Webinar
GitLab’s Product Manager, Victor Wu, dives into how GitLab helps you ship secure code, the tools they use, and a few industry best practices they follow to protect data and secrets.
Webinar
Creating secure software at the speed of agile: Your SDLC is incomplete without Hacker-powered security with Assembla CTO, Jacek Materna.
Report
A comprehensive report by HackerOne on data and insights from 800+ bug bounty programs and 50,000 resolved security vulnerabilities
Case Study
Learn how hacker-powered security illuminated their security blind spots.
Report
Who are these bug bounty hackers?
Guide
The Visual Guide for how to Plan, Launch, and Operate a Successful Bug Bounty Program
Guide
The definitive guide on how to plan, launch, and operate a successful bug bounty program.
Infographic
A study on Americans’ understanding of cybersecurity and hackers.
Case Study
LocalTapiola upped their SDLC game with bug bounties
Guide
Learn about the HackerOne Success Index - measuring bug bounty success.
Guide
Tips from launching and leading the Facebook and Uber bug bounty programs.
Guide
Best ways to make a Bug Bounty Program successful
Video
HackerOne customers describe HackerOne
Video
Can your company get hacked?
Video
HackerOne Product Overview
Video
Working with Hackers can improve security
Video
Forward-thinking security teams collaborate to solve problems.

Contact Us