What HackerOne Customers Say About the Problems Hackers Solve

July 11, 2024 HackerOne

The Problems Customers Use Ethical Hackers To Solve

Organizations work with ethical hackers to address a range of issues, including knowing unknowns, preventing breaches, meeting regulatory compliance, and helping the security budget.

“We don’t know everything that we have live so it’s a powerful tool to be able to say to the community “tell us what we don’t know.” It’s then my responsibility to find who is responsible for fixing these obscure assets.” 
— Matthew Copperwaite, Senior Cyber Security Engineer, Financial Times

“If I were to build an internal team to find vulnerabilities on the same scale as HackerOne, it would be very challenging — security salaries aren’t cheap, and it would take a year to fully ramp up a team. Via HackerOne, I can get immediate access to experts who are incentivized to find the most impactful vulnerabilities. This flexibility means we haven’t had to compromise company growth for security.”
— Dmitri Lerko, Head of Engineering, loveholidays 

“Our bug bounty is the last line of defense. If we’re getting reports on a product that is live, we know we should have found those issues earlier, so we focus on learning from the report and how to avoid it in the future.”
— Matthew Copperwaite, Senior Cyber Security Engineer, Financial Times

“We tell ourselves that industry certifications and cybersecurity laws can solve security, but when have certifications ever stopped incidents? Hackers are really special; if you want to catch an attacker, you need to think like an attacker, and attackers don’t think about the papers you have. When it comes to real breaches and attacks, I use real vulnerabilities to show impact.” 
— Alexander Korotkov, a CISO from a global SaaS provider

To gain more insights like these firsthand, check out the next stops on the Security@ Global Tour. If you're interested in learning more about the power of ethical hackers for your security program, contact the experts at HackerOne today.

Previous Article
Feedback-Driven Interviewing at HackerOne
Feedback-Driven Interviewing at HackerOne

The Talent Acquisition team currently has a net promoter score (NPS) of 56%, while the industry standard is...

Next Article
Pentesting for Web Applications
Pentesting for Web Applications

Pentest reports are a requirement for many security compliance certifications (such as ISO 27001 and SOC 2)...