Name: HackerOne
Rating: 4.6 (73 reviews)

Overview

Service Information on HackerOne

Updated 6th November 2025

What is HackerOne?

HackerOne helps organisations with Continuous Threat Exposure Management (CTEM). The HackerOne Platform unites agentic AI solutions with the ingenuity of a global community of security researchers to continuously discover, validate, prioritize, and remediate exposures across code, cloud, and AI systems. Through solutions like bug bounty, vulnerability disclosure, agentic pentesting, AI red teaming, and code security, HackerOne delivers measurable, continuous reduction of cyber risk for enterprise organisations around the world.

Overall experience with HackerOne

Manager, IT Security and Risk Management

30B + USD, Retail

FAVORABLE

“Efficient Platform Facilitates Transparency and Trust in Hacker Engagement Process”

5.0

Dec 12, 2025

It's a really easy platform to work with and the support provided by all at HackerOne takes the stress away from managing and engaging with ethical hackers. The model and how we engage with the hacker community is very well designed, allowing for transparency and building trust between the programs and hackers.

Head of InfoSec Audit & Assessments

10B - 30B USD, Manufacturing

CRITICAL

“Understanding the Paradox: The Constrained Value of Public VDP Programs”

3.0

Jun 2, 2024

The VDP program does allow a company to have a channel for external researchers to communicate with the right teams that can handle any known external vulnerabilities, however this works well only when your running a private program and the benefits stop once this goes public (not that advantageous)

About Company

Company Description

HackerOne helps organisations with Continuous Threat Exposure Management (CTEM). The HackerOne Platform unites agentic AI solutions with the ingenuity of a global community of security researchers to continuously discover, validate, prioritize, and remediate exposures across code, cloud, and AI systems. Through solutions like bug bounty, vulnerability disclosure, agentic pentesting, AI red teaming, and code security, HackerOne delivers measurable, continuous reduction of cyber risk for enterprise organisations around the world.

Company Details

Company type

Private

Year Founded

2012

Head office location

San Francisco, United States

Number of employees

201 - 500

Website

https://hackerone.com

Do You Manage Peer Insights at HackerOne?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

Reviewer Insights for: HackerOne

Performance of HackerOne Across Market Features

HackerOne Likes & Dislikes

The flow of submissions through the platform and validation/prioritisation by triage means my team can focus on the findings that have real risk associated with them. HackerOne has one of the best implementations of AI that I have seen in any commercial product as of yet. The insights, ability to pull data from submissions and draw out complex exploits saves a huge amount of time. I can curate reports from common data points to the very complex at speed and with accuracy. The quality of reports and the depth of findings that would not have been picked up by traditional detections alone make the HackerOne community so invaluable to security programs.

This service works well for internal programs which are not public

The services provided by HackerOne are very customizable. It's not just a tick box service that you purchase and deploy. They will work with you on what your needs are and customize a program or service that works for your organization. This is helpful for many organizations that are still maturing in this area and not ready to go all out and enable all services. Not many organizations allow for this customization and want you to deploy a full program that you may not be ready for. HackerOne succeeds in this area and is truly customer focused.

While the majority of the hacker community are fantastic, you can sometimes come across someone who does not behave in a professional manor but the HackerOne Mediation team have always been able to assist in these scenarios. This is more of an industry problem than vendor specific. Standard reporting within the UI can be a little disjointed at times, but the Insights feature makes building out reports off platform easy to manage.

publicly listed programs have barely any intel and information, this makes things difficult and adds additional cost just to run a service which derives vaule for the business

One of the pitfalls regarding the service is the turnover of employees used within the service. This causes mixed results at times depending on the service in use and the workflows in place such as determining between VDP and BB or what queue the findings should be placed in to. Runbooks need to be clear and straightforward due to the turnover of analysts on the HackerOne team. The security researchers that are finding vulnerabilities come and go, but most are permanent fixtures of the program and drill deep to find the most difficult vulnerabilities related to your organization.

Top HackerOne Alternatives

Peer Discussions

HackerOne Reviews and Ratings

4.6

(73 Ratings)

Rating Distribution

5 Star: 64%
4 Star: 34%
3 Star: 1%
2 Star: 0%
1 Star: 0%

Customer Experience

Evaluation & Contracting

4.5

Planning & Transition

4.6

Delivery & Execution

4.6

Integration & Deployment

5.0

Service & Support

4.7

Service Capabilities

4.6

Filter Reviews

Sort By:

Most helpful

Last 12 Months

Star Rating

Reviewer Type

Reviewer's Company Size

Reviewer's Industry

Reviewer's Region

Reviewer's Job Function

Manager, IT Security and Risk Management
10B+ USD
Retail
Review Source
Efficient Platform Facilitates Transparency and Trust in Hacker Engagement Process
5.0
Dec 12, 2025
It's a really easy platform to work with and the support provided by all at HackerOne takes the stress away from managing and engaging with ethical hackers. The model and how we engage with the hacker community is very well designed, allowing for transparency and building trust between the programs and hackers.
VP, IT Security and Risk Management
10B+ USD
Real Estate
Review Source
Transitioning From Private To Public Vulnerability Programs Reveal Increase In Security Findings
5.0
Nov 17, 2025
Our overall experience with HackerOne has been very good thus far. We started with a vulnerability disclosure program on a private basis. We then transitioned to a public vulnerability disclosure program and that transition went very well with just a few months with an uptick in findings but overall, a great move for our organization. We also use HackerOne for a private and limited bug bounty program. We are slowly maturing in this area and working with HackerOne to grow the program and eventually move this to a public setting similar to our vulnerability disclosure program. The findings these security researchers find are amazing and truly allow your organization to find one off findings that a standard pen test would not pick up.
Audit Manager
1B-10B USD
IT Services
Review Source
Good platform but requires internal commitment
5.0
Oct 26, 2025
My overall experience with HackerOne has been very positive, moving from average to outstanding as we've matured our program and not facing any issues since I started using this platform. HackerOne provides an essential service by connecting our organization with a global pool of security talent, and it has fundamentally improved our ability to identify and remediate vulnerabilities.
IT Security & Risk Management Associate
1B-10B USD
Real Estate
Review Source
Access to Diverse Security Talent Balanced by Slow Report Triage Response Times
4.0
Oct 22, 2025
Hackerone does a good job providing a large base of hackers or testers that we would otherwise not have any easy way of getting access to. The triage team tends to work quite slowly, and this does impact our ability to work with the hackers on getting them fairly and properly compensated for cases where it is applicable.
IT Security & Risk Management Associate
50M-1B USD
Media
Review Source
HackerOne Enhances Security With Early Issue Detection and Custom Bug Bounty Coverage
4.0
Mar 30, 2026
HackerOne has improved our overall application security program by providing us with actionable findings and reducing duplicated reports. We have been able to fix a lot of issues early before they were exploited in the wild.

...

Showing Result 1-5 of 74

Recommended Gartner Insights

Market Guide for Application Crowdtesting Services