I mainly use it for downtime activities, earning extra cash alongside a full-time job, and to get new sales and profits.
HackerOne
HackerOneExternal reviews
77 reviews
from
and
External reviews are not included in the AWS star rating for the product.
They have streamlined the complete process, which gives a sense of security to the users
What is our primary use case?
How has it helped my organization?
It helps me to get new sales, profits, and other benefits.
What is most valuable?
The main thing I like about HackerOne is that it provides a direct way to contact the program directly without the need to wait for weeks to get issues finalized and validated. They have streamlined the complete process, which gives a sense of security to the users.
What needs improvement?
The ability to view the conversation between the triagers and the programs will be really good. When an issue gets reported, the understanding conveyed to the program by the triagers is not visible to the reporter. This can cause gaps between what the finder has reported and what is explained to the program. If this communication is visible, it would benefit both parties.
For how long have I used the solution?
I have been using it for over three years, around three years.
What do I think about the stability of the solution?
I have not had any issues with stability like bugs or breakdowns.
What do I think about the scalability of the solution?
The scalability is good. It is easy to scale up or down data.
How are customer service and support?
The responsiveness has been good.
Which solution did I use previously and why did I switch?
I did not use any different solution before using HackerOne.
How was the initial setup?
The initial setup is not rocket science. It is something easy.
What's my experience with pricing, setup cost, and licensing?
It is free.
What other advice do I have?
The improvements which I have listed should be considered.
Great platform for Bug Bounty
What do you like best about the product?
The platform is intuitive to use, has many neat features, and provides a way for researchers to safely disclose vulnerabilities. Customer service has been helpful when we need assistance or have questions about handling specific situations. They have been very helpful in setting things up and trying to increase the number of submissions.
What do you dislike about the product?
It can sometimes be tricky dealing with the researchers and bounty payouts.
What problems is the product solving and how is that benefiting you?
Bridging the gap between researchers and organizations!
HackerOne Pen Testing
What do you like best about the product?
HackerOne offers a streamlined penetration testing experience, complimented by an intuitive web portal. Tests are easy to start and findings can easily be exported to third-party ticketing systems.
What do you dislike about the product?
The platform uses the same account type for customers and testers, leaving tghe profile page somewhat cluttered for users.
What problems is the product solving and how is that benefiting you?
HackerOne helped us launch an indepth pen test with minimal lead time.
Application Security Engineer
What do you like best about the product?
The Platform is very simple and very convenient.
Everyone knows what an H1 is, so it is much easier to start when you create a Program.
The CSMs are very creative and can help you push your program to another level.
Everyone knows what an H1 is, so it is much easier to start when you create a Program.
The CSMs are very creative and can help you push your program to another level.
What do you dislike about the product?
The Triage team not always know your program and this can be tricky cause it will take them much more time to validated or not a new reports.
What problems is the product solving and how is that benefiting you?
It will give us more "eyes," I meant it will give us more exposure to Bug hunters, and they help us to find bugs and at the end to make our company more Secure!
Leader in Bug bounty programs but can use some improvement
What do you like best about the product?
- Very easy to onboard and setup a program
Large pool of available hackers
- Lots of outreach from customer service to advise on high engagement with program and industry best practices
- Good efforts on de-duplication of bounties submitted
Large pool of available hackers
- Lots of outreach from customer service to advise on high engagement with program and industry best practices
- Good efforts on de-duplication of bounties submitted
What do you dislike about the product?
- Triage analysts are often not doing in-depth analysis, requiring a review of their work
- There is no ongoing learning of the program and the environment so analysts can make informed discussions. For the most part, analysts seem to be tackling each bug independently (aside from validating that there are no duplicates)
- Analysts often take longer than the suggested 48 hour time to respond and need follow-ups
- There is no ongoing learning of the program and the environment so analysts can make informed discussions. For the most part, analysts seem to be tackling each bug independently (aside from validating that there are no duplicates)
- Analysts often take longer than the suggested 48 hour time to respond and need follow-ups
What problems is the product solving and how is that benefiting you?
It provides another avenue to find exploitable vulnerabilities, in addition to other programs.
Platform to eliminate risks
What do you like best about the product?
HackerOne's platform is user-friendly and integrates with productivity tools like Jira and Slack.
Hai (AI Copilot) seems promising, and HackerOne has a talented pool of hackers with diverse skill sets.
Hai (AI Copilot) seems promising, and HackerOne has a talented pool of hackers with diverse skill sets.
What do you dislike about the product?
HackerOne needs to prioritize improving its triage service.
What problems is the product solving and how is that benefiting you?
HackerOne helps in finding security gaps in products and closing them quickly.
Offers bug bounty opportunities and helps to earn extra money
What is our primary use case?
I use the tool for hacking, practicing, and doing responsible vulnerability disclosure.
What is most valuable?
I don't use the tool in my day-to-day work. It's more for freelancing. I search for open platforms where I can do penetration testing on websites. If I find any bugs or vulnerabilities, I get paid. So, I do it as a freelancing activity, and it's really helpful.
Apart from getting all the bug bounty opportunities, we also get the chance to practice in a safe environment, like a demo setup. These features are great for beginners who want to explore bug bounties in the future.
What needs improvement?
One issue I've experienced is traffic. Many people try to participate when an opportunity with a bounty of around 1,000-15,000 dollars comes up. In this case, the first person to report the vulnerability gets the bounty. If a second person reports the same vulnerability, they are marked as duplicated instead of receiving some recognition. The second person also invested time finding the issue, so I think this can be improved.
For how long have I used the solution?
I have been using the product for three to four years.
What do I think about the stability of the solution?
HackerOne is stable.
How are customer service and support?
I haven't contacted the tool's technical support yet.
Which solution did I use previously and why did I switch?
I decided to go with HackerOne because I have experience with three bug bounty platforms: HackerOne and Bugcrowd. With Bugcrowd, you have to search for opportunities. In contrast, HackerOne presents opportunities directly when you log in. Additionally, other platforms' server response time and reporting methods are longer compared to HackerOne. HackerOne's reporting process is straightforward, with dropdown options for selecting the website and type of vulnerability.
How was the initial setup?
The solution doesn't need an installation since it's a SaaS model. It's very easy to use. When you log in for the first time, you'll directly see the opportunities page, where companies are ready for you to hack. The opportunities are right before you, so you don't have to search for them like on other platforms.
What's my experience with pricing, setup cost, and licensing?
The tool is open-source and free for bug bounty hunters.
What other advice do I have?
In college, I started using HackerOne and taught my 10-20 juniors how to use it. I'm sure they might still be using it in their lives right now. The biggest challenge integrating HackerOne into my existing security protocols has been on my side, not the tool's. I need to take the time out to use and practice with it, but currently, I'm unable to give it the time I used to. There's no issue from the application side.
To use the tool, you first need a basic knowledge of cybersecurity terms, like exploits and vulnerabilities, and how to identify them. Once familiar with these basics, you can learn more from the resources and platforms HackerOne provides. They offer tickets and guides to help you understand the methods for finding and exploiting vulnerabilities.
Before deciding to use the solution in your organization, consider the purpose. HackerOne is a multi-platform. If the goal is to spread awareness about cybersecurity or to make the security team more active in learning about hacking methods and new vulnerabilities, then it can be very effective. It allows the team to earn extra money while learning and exploring new vulnerabilities in the market, potentially even finding zero-day vulnerabilities.
I would rate HackerOne around an eight to nine out of ten. The application is simple to use, offering numerous opportunities and scopes for exploration. It covers many platforms, including web, Android, and iOS applications. However, the high traffic can sometimes be a drawback. If they manage this issue by implementing features like consolidation pricing for duplicate vulnerabilities, it could easily be a ten out of ten.
Securing the Digital Realm: Insights from HackerOne
What do you like best about the product?
Being the first in the business, hackerone has the largest community, covering various expected fortune 500 companies in their bounty programs.
What do you dislike about the product?
The support team usually take long time to resolve the tickets, in some cases they close they even closed the ticket without resolving the query.
What problems is the product solving and how is that benefiting you?
In the digital realm, bad attackers are continuously targeting companies to hack them illegally and threatening their reputation and integrity among customers, and clients. Selling their valuables on the DarkWeb. HackerOne enables ethical hackers to collaborate with registered companies to patch the maximum possible vulnerabilities that could allow a black hat to exploit the system.
Top solution for managing bug bounty program
What do you like best about the product?
Well known in the security researchers community, you can get a lot of exposure through it. The UI is simple and effective.
What do you dislike about the product?
Paid plans are not idle for small companies and B2B products.
What problems is the product solving and how is that benefiting you?
One place to get reports of security issues in the company's products. Acknowledge, triage, are reward reports in a dedicated system instead of in emails. The app is also used to apply rewards for eligible reports.
Professional business partnership with the security researcher community
What do you like best about the product?
HackerOne is a great partner to us to help find security researchers for our bug bounty programs.
What do you dislike about the product?
As with most enterprise software the cost of the yearly subscription could be lower. There is an arbitrary discount associated with each annual renewal.
What problems is the product solving and how is that benefiting you?
Resolving security vulnerabilities in our software products.
showing 21 - 30