Several trends in the way we work and consume technology have resulted in an ever-expanding cyberattack surface for organizations of all sizes. Comprehensive digital transformation across enterprises, the rise in cloud adoption, the normalization of working from anywhere, and Internet of Things (IoT) initiatives have resulted in an explosion of new applications, along with an increased rate of iterations and updates.

This is the fifth report in the series which plots the use of vulnerability disclosure in consumer markets with the introduction of enterprise starting in 2021. For consumers, knowing that a manufacturer has the requisite systems in place to receive, and remedy, known security flaws is a welcome form of assurance. Indeed, we have said many times that the lack of an easily identifiable method for reporting security issues could be likened to a canary in the coal mine – it’s a good health indicator as to how serious they are about security.

HackerOne’s Hacker-Powered Security Report: Industry Insights leverages data from real-world vulnerability reports to provide insight into the fastest-growing vulnerability categories, how bounty prices are changing year over year, and which industries are fastest to fix. The most innovative CISOs stay ahead of cybersecurity threats and mitigate vulnerabilities by augmenting internal teams and security testing tools with a skilled and engaged hacking community.

In this year’s Hacker-Powered Security Report: Financial Services, we look at what drives ethical hackers, where they focus their energies, and what they’re doing to help financial services companies improve their security profile. In the past year, the hacking community has found over 65,000 customer vulnerabilities. Financial services continues to be among the most popular industries for ethical hackers to work on, and vulnerabilities in web applications are by far the most commonly reported issues in the industry

The 7th annual Hacker-Powered Security Report goes deeper than ever before with customer insights, in addition to the opinions of some of the world’s top hackers. We also take a more comprehensive look at the top ten vulnerabilities and how various industries are performing when it comes to incentivizing hackers to find the vulnerabilities that are most important to them.

This report goes into the hacking industry in 2020. It talks about the impact of hackers on security, bug bounty trends, and more.

The third annual report from Hacker One on the state of the hacker/security testing community. Data is drawn from Hacker One’s community of bug bounty registrants and subscribing platforms.

The fourth annual report from Hacker One on the state of the open security testing community, using data from Hacker One’s bug bounty program.

This is a transcript of a February 2018 US Senate meeting that discussed Data Security and the hacking community.

This report is a kind of dossier on the hacker community. It lets you in to their world, to know their mindset, and thoughts on the bug bounty community.

As we approach critical mass of hacker-powered security, read on to learn more about best practices of starting and running effective disclosure and bug bounty programs, and get to know some of the stories and stats about the hackers themselves.

This report examines the broadest platform data set available and explains why organizations like General Motors, Starbucks, Uber, the U.S. Department of Defense, Lufthansa, and Nintendo have embraced continuous, hacker-powered security.

This is a fun little infographic that provides information on the top threats of 2017.