Good value for the money
What do you like best about the product?
it has a constant engagement from different people.
What do you dislike about the product?
not all of the guys are experienced.
it does not replace pentesting but it surely helps.
The interface its not great, its easy to get lost or miss reports.
What problems is the product solving and how is that benefiting you?
it serves as pentesting replacement.
Platform supports skill development with effective vulnerability reporting
What is our primary use case?
My use case is similar to DuckTron. The processes I use for DuckTron are exactly the same for HackerOne. Therefore, there isn't much of a difference. I use HackerOne for finding vulnerabilities and reporting them, then receiving rewards akin to a bug bounty program.
Within my organization, HackerOne is used for vulnerability coordination through its user interface, which lists programs and websites for reporting vulnerabilities.
What is most valuable?
HackerOne is larger than WebCloud and has a better reputation than BugCloud, which results in a smoother process. Both platforms are similar in using their interfaces to list programs and facilitate reporting vulnerabilities, whether public or private.
What needs improvement?
Everything has become slower on HackerOne. I have noticed that older researchers receive all the private invites while newer ones receive fewer. The same goes for real-life events, where the same people are invited repeatedly. There are no clear guidelines for being invited to programs and conferences, and the process for receiving invitations appears arbitrary.
For how long have I used the solution?
I have used it for the same duration as other cloud services.
What do I think about the stability of the solution?
I have never faced any stability issues on HackerOne for the past four years. Everything was always completely smooth.
What do I think about the scalability of the solution?
HackerOne has high scalability. It is a large platform with many programs and clients, so I would rate it a nine out of ten.
How are customer service and support?
Technical support at HackerOne has slowed down considerably compared to four years ago. Previously, the support was quicker and more detailed, which is not the case now.
Which solution did I use previously and why did I switch?
I have tried Integrity and reported vulnerabilities there, and I have tried SVHack. However, I spend 90% of my time on HackerOne.
How was the initial setup?
The initial setup is simple and straightforward, which I would rate a nine out of ten. I have never faced any difficulties during this process.
What was our ROI?
HackerOne is free of cost for us. We receive rewards without needing to invest any money, so the return on investment is substantial.
What's my experience with pricing, setup cost, and licensing?
The cost is rated as one since there is no need to pay anything, not even a fee or commission.
Which other solutions did I evaluate?
I have tried other platforms like Integrity and YesLack, however, I focus most of my time on HackerOne.
What other advice do I have?
I rate HackerOne a nine out of ten.
It is slightly better than BugCloud. While some aspects have slowed down, HackerOne is still a strong platform for enhancing skills and offers an excellent initial setup. They should improve their invitation process.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Hackerone, a platform to invite actual hackers to test your production environment
What do you like best about the product?
The fact that HackerOne employees deal with the hackers first, and they then remediate with us
What do you dislike about the product?
Sometimes the reaction time is a little slow.
What problems is the product solving and how is that benefiting you?
It is providing us with an easy way to have our publicly available resources tested without having to schedule pentests
Solid platform with confusing UI
What do you like best about the product?
Has a good population of hackers, H1 triage service available.
What do you dislike about the product?
UI is confusing and H1 triage serice can be spotty/breaks SLA.
What problems is the product solving and how is that benefiting you?
A way to manage security bug reports including triaging and payout in bug bounty program management.
HackerOne is a Bug Bounty Provider
What do you like best about the product?
HackerOne's main strength is the hacker cohort it comes with, and the ease of rewarding said hackers. We rely on the triage team to handle the noise to separate the real risks from the chaff. HackerOne has extensive API capabilities that are essential to our usage.
What do you dislike about the product?
HackerOne is only one Bug Bounty vendor, and it's not certain what HackerOne does to attract hackers that have not used HackerOne, or have left in the past. Some functionalities are behind in the times, such as hacker credential issuance functionality, and when new features roll out, they often don't have a "try this new interface" function to get used to the new way things are laid out. The Triage team can be quite lacking in response speed and accuracy, especially with complex risks.
What problems is the product solving and how is that benefiting you?
HackerOne solves the need for an initial first-pass of submissions from hackers, and the payments issued to hackers.
One of the best hacker bounty program to have
What do you like best about the product?
Collaboration and Transparency
Diverse Talent Pool: of hackers
What do you dislike about the product?
Occasional Communication Gaps:
Despite built-in tools, misunderstandings or delays in communication between researchers and team
What problems is the product solving and how is that benefiting you?
Pen testing for compliance purposes and having the best hackering find issues with our application
Long Term User consider hackerone to be vital tool
What do you like best about the product?
Easily the largest and most reliable bug bounty platform on the market.
The support over the years has been next to none in the industry. We consistently gotten good feedback, support, and feature enhanced.
What do you dislike about the product?
At times scale of any platform can be difficult to manage and the UI has gone through upgrades. over the years but this is offset but very good customer support.
What problems is the product solving and how is that benefiting you?
Consistent testing and aware of potential vulnerabilities
Useful, Industry-Accepted Service
What do you like best about the product?
The HackerOne Triage Team is the most helpful part of the HackerOne platform. The upsides of the HackerOne platform are that it provides an aboveboard security mechanism and reduces risk to your organization.
What do you dislike about the product?
The least helpful part of the HackerOne platform is the subjectiveness of scoring and payouts. The downsides of the HackerOne platform are that it can cost your organization time and money.
What problems is the product solving and how is that benefiting you?
Our organization has many security vulnerabilities that HackerOne brings to our attention so that we can remediate them. This reduces the risk to our organization.
First time bounty program administrator
What do you like best about the product?
While I've participated in many bug bounty programs over the years, this is the first time I've ran one as the lead. The HackerOne team (Mostly Olivia, our CSM) has made it very easy for me to make this transition, from helping us with key metrics to understand how our program is doing, what we could improve to make it better, and also framing the impact the program has had to our customers and internal stakeholders.
What do you dislike about the product?
Even after using it for about 2 years now, it is still hard for me to keep where everything is in my head as I find the UI confusing and not intuitively coupled. For example, where your program settings live compared to where your metrics dashboard is.
What problems is the product solving and how is that benefiting you?
It helps us find qualified hackers to find bugs in our platform/code.
A Game-Changer in Cybersecurity
What do you like best about the product?
I've been using HackerOne for the past 1.5 years, and my experience has been overwhelmingly positive. As a platform dedicated to cybersecurity and vulnerability management, HackerOne has proven to be an invaluable asset for our organization.
What do you dislike about the product?
While the platform offers great value, the cost can be a consideration for smaller organizations.
What problems is the product solving and how is that benefiting you?
The platform's ability to connect us with top-notch security researchers has been a game-changer. We've seen a marked improvement in our security posture and have greater confidence in our ability to protect our assets. I highly recommend HackerOne to any organization serious about enhancing its cybersecurity defenses.
