The Hacker-Powered Security Report 2017

Hacker-powered crowdsourced security programs - including bug bounty programs and crowdsourced penetration testing alternatives - are being leveraged by organizations of all sizes to identify security vulnerabilities before they can be criminally exploited.
This latest HackerOne report examines the broadest platform data set available and helps to explain why organizations like General Motors, Starbucks, Uber, the U.S. Department of Defense, Lufthansa, and Nintendo are turning to continuous, hacker-powered crowdsourced security to protect their customers, brand and products.
Inside you will find:

  • Year over year bug bounty program growth by industry
  • Vulnerabilities by type found across nine industries
  • Average time to resolution and reward
  • Percentage of bounties found by severity level through crowdsourced security programs
  • Bug bounty payout trends and highest awarded bounties ranked by industry