HackerOne

World's largest ethical hacker platform with over one million researchers, offering bug bounties and structured penetration testing to the US DoD and Fortune 500.

About

HackerOne is the world's largest ethical hacker-powered security platform, headquartered in San Francisco, California, providing bug bounty, vulnerability disclosure, and penetration testing services to organizations worldwide. Founded in 2012 by security leaders including Merijn Terheggen and former hackers, HackerOne has built a community of over one million registered security researchers and has facilitated the discovery of over 300,000 valid vulnerabilities. Their platform has paid out over $300 million in bounties, making it the most financially impactful crowdsourced security initiative in history.

Beyond traditional bug bounties, HackerOne offers HackerOne Pentest, which pairs curated teams of vetted security professionals with organizations for structured penetration testing engagements delivered through their platform. HackerOne serves an impressive roster of clients including the US Department of Defense, General Motors, Goldman Sachs, Microsoft, and many other Fortune 500 companies and government agencies. Their Hack the Pentagon program, launched in 2016, was the first bug bounty program run by the US federal government.

The company provides real-time dashboards, integration with development tools, and analytics that help organizations track their vulnerability management posture over time.

Methodologies

OWASP, PTES

Team Activity

CNBC Disruptor 50
Forbes Cloud 100
Fast Company Most Innovative Companies
Speaker: Black Hat
Speaker: DEF CON
Speaker: RSA Conference

Score Breakdown

47/100
Accreditations: 42/100 (30%)
Reviews: 0/100 (25%)
Team Activity: 54/100 (15%)
Experience: 100/100 (15%)
Service Breadth: 74/100 (15%)

Details

Headquarters: San Francisco, California, United States
Founded: 2012
Team Size: 201-500
Markets: Global, North America, Europe, APAC
Geography: Global

Accreditations

SOC 2, ISO 27001, FedRAMP 3PAO

Best For

Enterprise, Mid-Market, Government

Related Providers

Rapid7

Creators of Metasploit offering enterprise penetration testing integrated with their comprehensive vulnerability management and security operations platform.

Score: 50
Location: Boston, Massachusetts, United States
Web Application, Network, Mobile App, +7
SOC 2, ISO 27001

Coalfire

Compliance-focused cybersecurity advisory firm and FedRAMP 3PAO specializing in penetration testing that meets stringent regulatory requirements.

Score: 50
Location: Westminster, Colorado, United States
Web Application, Network, Cloud, +5
SOC 2, FedRAMP 3PAO, PCI QSA, +1

Trustwave

Global managed security provider with the elite SpiderLabs penetration testing team and deep PCI DSS compliance expertise.

Score: 57
Location: Chicago, Illinois, United States
Web Application, Network, Mobile App, +7
PCI QSA, ISO 27001, SOC 2, +1
Best UK Provider, Best for Enterprise, Research Leaders

NCC Group

Global cybersecurity consultancy with CREST, CHECK, and CBEST accreditation, renowned for deep technical research and comprehensive penetration testing services.

Score: 75
Location: Manchester, United Kingdom
Web Application, Network, Mobile App, +13
CREST, CHECK, CBEST, +6