Shopify's Andrew Dunbar on the Success of h1-415
Andrew Dunbar is the Director of Risk and Compliance at Shopify. Shopify joined HackerOne for the h1-415 live bug bounty hackathon where top hackers focused exclusively on their business for 8+ hours. Here's some of Andrew's thoughts on their approach with events like this and why it's such a win for them: We’re trusted with the businesses of hundreds of thousands of merchants all over the world. And we want to make sure that we’re doing everything we can for the security of our platform and one of the best ways to do that is to have as many people as possible looking for ways to infiltrate our systems and vulnerabilities in the software that we build. We feel that having an open and transparent bug bounty program we’re able to ensure that if someone does find a security issue they come to us with it first. We were really happy to meet the hackers face to face and we were really impressed with how the hackers were dedicated to the kinds of bugs that we wanted them to find. There’s a lot you can gain with having a hackathon with HackerOne, the platform already gives you a lot of exposure to hackers and makes you known and so by coming here and having some of the top hackers in the world invited into the same venue as you really gives them an opportunity to meet you, understand your platform, get to meet your security team … having those face to face conversations has been really valuable.
