HackerOne

RATING:

4.7

(9)
Overview

About HackerOne

HackerOne is a hacker-powered cybersecurity platform that enables organizations within the government and financial service industries to identify, capture, and resolve security vulnerabilities that were discovered by hackers. HackerOne is designed to help users receive and monitor vulnerabilities through secure channels, conduct continuous vulnerability testing for specific features or in-house apps, and implement security assessments to ensure products meet security compliance requirements for secure product launches. HackerOne also provides advisory and triage services that help teams launch and scale security programs, validate vulnerabilities, and develop remediation plans.

HackerOne Reviews

Overall Rating

4.7

Ratings Breakdown

Secondary Ratings

Ease-of-use

5

Customer Support

4

Value for money

4

Functionality

5

Most Helpful Reviews for HackerOne

9 Reviews

User Profile

Abhinav

Verified reviewer

Computer & Network Security, 1 employee

Used daily for less than 2 years

Review Source: Capterra
This review was submitted organically. No incentive was offered

OVERALL RATING:

5

EASE OF USE

5

VALUE FOR MONEY

5

CUSTOMER SUPPORT

5

FUNCTIONALITY

5

Reviewed May 2023

Best platform to start bug bounty journey

It really nice if you have the knowledge you can earn good amt. of money via securing other companies

PROS

They have a very good triaging system for the bugs reported. 99% of the time you will get an update on the status of the report within the time mentioned on the each program

CONS

While transferring the bounty their could be some difficulties during verification

Anonymous

11-50 employees

Review Source: Capterra
This reviewer was invited by us to submit an honest review and offered a nominal incentive as a thank you.

OVERALL RATING:

4

EASE OF USE

4

VALUE FOR MONEY

1

CUSTOMER SUPPORT

2

FUNCTIONALITY

4

Reviewed September 2021

Expensive and not fair to researchers, low ethics

PROS

They're in a leading position, which means the top researchers want to work with them

CONS

1) the only people you'll get to talk to as a client are sales people, with no knowledge of security or tech. 2) I don't like the way they collaborate with researchers: in their first level of the program, you pay a huge amount of money to the company, but it doesn't get distributed to the researchers at all. Their argument is that researchers go into this program to gain ranking points, until they have enough points to reach the next level and gain access to programs where they'll be paid for their reports. It's like working as an unpaid intern for years, just for the glory, until you maybe get access to a paid job. I think it's totally unfair to hackers who work really hard to find meaningful vulnerabilities. They have to do it as a graduation step, because HackerOne is in a leading position and will twist their arms

Reason for choosing HackerOne

I moved to another bug bounty platform, much more ethical

User Profile

Mohit

Verified reviewer

Hospital & Health Care, 10,000+ employees

Used monthly for less than 6 months

Review Source: Capterra
This reviewer was invited by us to submit an honest review and offered a nominal incentive as a thank you.

OVERALL RATING:

3

EASE OF USE

5

CUSTOMER SUPPORT

2

FUNCTIONALITY

5

Reviewed June 2020

Hackerone Bug Bounty Platform

Not that good. Nothing offered not even badges for duplicate valid bugs. Thus I go for private programs that directly work on the reports.

PROS

- Easy to use and submit a report. - Quick validation for critical and severe vulnerabilities. - Public disclosure is offered by very less platforms so its one of the big pros.

CONS

- My report was validated and bug was triaged and in a few days the bug was patched. But the report was assigned to a new member and he stated that it was triaged by a mistake. The injection was although minor but was valid so I think there should be some good validation process around it.

Saajan

Information Technology and Services, 1 employee

Used daily for more than 2 years

Review Source: Capterra
This review was submitted organically. No incentive was offered

OVERALL RATING:

5

EASE OF USE

4

VALUE FOR MONEY

5

CUSTOMER SUPPORT

5

FUNCTIONALITY

5

Reviewed May 2022

HackerOne is good from my perspective

PROS

HackerOne is one of the old platforms in cybersecurity that provides a place for bug hunters to report bugs to programs. Also, HackerOne comes with so many features like API tokens that we can use from our terminal to gather the program's scope or to report vulnerabilities. One of the best features that I like about HackerOne as Bughunter is the Hacktivity section of HackerOne that timely disclosed reports which are very useful for building skills.

CONS

As a user of HackerOne for the last 2 years, I don't find any issues or problems in HackerOne. Although sometimes, I feel like the response time of some programs is not so good. And, I know in the coming updates HackerOne will fix this issue by contacting them. Another wise, HackerOne is a great platform for Bughunters.

User Profile

Steve

Verified reviewer

Computer Software, 51-200 employees

Used monthly for less than 2 years

Review Source: Capterra
This reviewer was invited by us to submit an honest review and offered a nominal incentive as a thank you.

OVERALL RATING:

5

EASE OF USE

5

VALUE FOR MONEY

5

CUSTOMER SUPPORT

5

FUNCTIONALITY

4

Reviewed December 2017

Discover security vulnerabilities in your software in a way you can control

HackerOne informed my team of a number of security vulnerabilities in our application which we were able to fix quickly and discreetly.

PROS

Discovering vulnerabilities in your software is as important as it is sensitive. You need to discover them as quickly as possible, but don't necessarily want to advertise them to the public (even though all software inevitably has vulnerabilities). The thing I like most about HackerOne is the control it gives you over how your software is tested and how vulnerabilities get reported and addressed. Starting out, you may want to make testing private (invite-only) and invite a handful of testers to a testing environment. Later on, if you want to discover more and rarer vulnerabilities, you may decide to make testing public and allow HackerOne's large community of security researchers to search for issues.

CONS

I wish HackerOne's integrations (e.g. with Github) were self-service and more fully-featured. You can have HackerOne reports created as Github issues, for example, but in order to make that happen you have to contact HackerOne manually. I'd love a way to set this up myself, and for that integration to go both ways, e.g. for activity on the Github issue to appear in HackerOne. (Their Jira integration supports this.)

Mariam

Computer & Network Security, 11-50 employees

Review Source: Capterra
This review was submitted organically. No incentive was offered

OVERALL RATING:

5

EASE OF USE

5

FUNCTIONALITY

5

Reviewed December 2022

Buy Ethereum for your gas fees and fix your BTC Wallet with Cyber Quality Services.

I'm delighted to inform you that there is an easy solution to your hacking issues; all you need to do is follow the directions given to you. Working with Cyber Quality Services recovery was one of the best experiences of my life; they helped me grasp what 100percentage effort meant. Cyber Quality Services Recovery can assist with improving your school grades, recovering lost Bitcoin, and improving your negative credit score. Through the information below, you are directly in communication with Cyber Quality Services recovery. This message serves as a concrete referral because I know people out there will need any of these service. Be rest assured that Cyber Quality Services recovery will be at your rescue.Have a nice day everyone.Mariam Davison .

PROS

yes Cyber Quality Services is easy to work with

CONS

is not difficult because Cyber Quality Services are ready to be of help to anyone out there.

Iwan

Used daily for less than 2 years

Review Source: Capterra
This reviewer was invited by us to submit an honest review and offered a nominal incentive as a thank you.

OVERALL RATING:

5

EASE OF USE

5

VALUE FOR MONEY

5

CUSTOMER SUPPORT

5

FUNCTIONALITY

5

Reviewed July 2018

Great service

PROS

The HackerOne service gives us the opportunity to check the security of critical services by many testers at the same time.

CONS

Only the price is a downside of this service. I recommend every organization to test their own services through HackerOne.

Anant

Information Technology and Services, 2-10 employees

Used monthly for less than 2 years

Review Source: Capterra
This reviewer was invited by us to submit an honest review and offered a nominal incentive as a thank you.

OVERALL RATING:

5

EASE OF USE

5

VALUE FOR MONEY

4

CUSTOMER SUPPORT

4

FUNCTIONALITY

5

Reviewed May 2020

Ultimate Security by HackerOne

In total, HackerOne found 4 bugs, one of which was very serious and would have had a real impact on our clients if it was ever maliciously exploited. Thanks to HackerOne, we are better hardened than we were!

PROS

We had some issues with corporate espionage and hacking attempts that were not manageable by our local correspondents. So we signed up with HackerOne so they can hunt for vulnerabilities and bugs in our programs and applications. - The whole process of signing up was very easy. - Trusted hackers, real ones are much effective in our opinion and HackerOne shares that! - Cost effective - Continuous and real time delivery of results and recommendations.

CONS

There are only a few caveats though. - The website is a little complicated to understand if you aren't used to all the terms. - Bounty program is a bit vague.

User Profile

Jorge

Verified reviewer

Computer Games, 1 employee

Used weekly for less than 6 months

Review Source: Capterra
This reviewer was invited by us to submit an honest review and offered a nominal incentive as a thank you.

OVERALL RATING:

5

EASE OF USE

5

CUSTOMER SUPPORT

4

FUNCTIONALITY

5

Reviewed July 2021

HackerOne: A Great Resource for Learning Cybersecurity

HackerOne was a great way for me to learn how to hack, and I recommend it to anyone interested in the topic. I personally am not yet at the level of finding bugs as a way to make money, but I know a few people who have made a lot of money just by reporting bugs through HackerOne.

PROS

As someone familiar with building websites and programming but a total newbie to cybersecurity, I found their resources for learning about hacking to be very accessible and helpful. The best part was their capture the flag game that really helps learn and apply real techniques in a fun way.

CONS

I think that it can be difficult to get started if you don't have a background in programming. Also, the video series was not that helpful for me because I didn't think it did a great job of explaining things.

9 Reviews