HackerOne Reviews

Name: HackerOne
Brand: HackerOne
Rating: 4.3 (5 reviews)

Vendor: HackerOne

4.3 out of 5

5 reviews
85% willing to recommend

Post review

What is HackerOne?

HackerOne becomes your partner who executes all aspects of your bug bounty program, including triage, bounty pricing, and hacker relations, allowing you to fully focus on fixing vulnerabilities.

Get the HackerOne Buyer's Guide and find out what your peers are saying about HackerOne, Bugcrowd, Synack and more!

HackerOne is the #1 ranked solution in top Bug Bounty Platforms, #2 ranked solution in top Penetration Testing Services, #9 ranked solution in top Attack Surface Management (ASM) solutions, #30 ranked solution in application security solutions, and #40 ranked solution in top Vulnerability Management solutions. PeerSpot users give HackerOne an average rating of 8.6 out of 10. HackerOne is most commonly compared to Bugcrowd: HackerOne vs Bugcrowd. HackerOne is popular among the large enterprise segment, accounting for 60% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 15% of all views.

Helped 838,640 peers since 2012

Featured reviews

Faizan Nehal

dApp Auditor at Hacken

Everything has become slower on HackerOne. I have noticed that older researchers receive all the private invites while newer ones receive fewer. The same goes for real-life events, where the same people are invited repeatedly. There are no clear guidelines for being invited to programs and conferences, and the process for receiving invitations appears arbitrary.

Read full review

Hrithik Kumar

SAP Security and GRC Consultant at Skillmine Technology Consulting

In college, I started using HackerOne and taught my 10-20 juniors how to use it. I'm sure they might still be using it in their lives right now. The biggest challenge integrating HackerOne into my existing security protocols has been on my side, not the tool's. I need to take the time out to use and practice with it, but currently, I'm unable to give it the time I used to. There's no issue from the application side. To use the tool, you first need a basic knowledge of cybersecurity terms, like exploits and vulnerabilities, and how to identify them. Once familiar with these basics, you can learn more from the resources and platforms HackerOne provides. They offer tickets and guides to help you understand the methods for finding and exploiting vulnerabilities. Before deciding to use the solution in your organization, consider the purpose. HackerOne is a multi-platform. If the goal is to spread awareness about cybersecurity or to make the security team more active in learning about hacking methods and new vulnerabilities, then it can be very effective. It allows the team to earn extra money while learning and exploring new vulnerabilities in the market, potentially even finding zero-day vulnerabilities. I would rate HackerOne around an eight to nine out of ten. The application is simple to use, offering numerous opportunities and scopes for exploration. It covers many platforms, including web, Android, and iOS applications. However, the high traffic can sometimes be a drawback. If they manage this issue by implementing features like consolidation pricing for duplicate vulnerabilities, it could easily be a ten out of ten.

Read full review

Jagdish SM

QA Engineering Lead at Confidential

I use the tool for vulnerability assessment and testing. The most valuable feature of HackerOne is its variety of programs. These programs provide depth into various areas, such as mobile, API, and websites. Response time can be improved. The HackerOne Trust team can be slow to respond…

Read full review

HackerOne mindshare

Product category:

As of February 2025, the mindshare of HackerOne in the Bug Bounty Platforms category stands at 36.1%, up from 35.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Bug Bounty Platforms

PeerAnalyst reports

Type	Title	Date
Product	Reviews, tips, and advice from real users	Feb 21, 2025	Download
Comparison	HackerOne vs Bugcrowd	Feb 21, 2025	Download

Valuable Features

Valuable features of HackerOne include access to a skilled hacker community, third-party integrations, and fast results. Users appreciate direct communication with companies to understand needs, responsive support, and a diverse range of programs across various sectors. Freelancers benefit from safe environments for practice. Users find it helpful for penetration testing and note its larger size and better reputation compared to competitors. Streamlined processes enhance the user experience.

"HackerOne is larger than WebCloud and has a better reputation than BugCloud, which results in a smoother process."
"HackerOne is larger than WebCloud and has a better reputation than BugCloud, which results in a smoother process."
"It helps me to get new sales, profits, and other benefits."

Room for Improvement

HackerOne's HackBot could benefit from better integration with broader services beyond Slack. The traffic during high-reward opportunities creates competition without acknowledgment for duplicates, affecting participants. Faster response times would enhance user satisfaction, as well as visibility of conversations between triagers and programs for better understanding. Speed issues and uneven invitation distribution to programs and events are noted as concerns. Clear guidelines for invitations would improve participation fairness.

"Everything has become slower on HackerOne. I have noticed that older researchers receive all the private invites while newer ones receive fewer."
"Everything has become slower on HackerOne."
"The ability to view the conversation between the triagers and the programs will be really good."

Pricing

HackerOne's pricing structure includes a 20% fee on awards, meaning if a hacker earns $1000, they pay $200. There is a subscription model for larger enterprises. The platform is free for bug bounty hunters, with no setup costs, licensing fees, or additional charges for participants. Users consistently rate it as cost-effective, noting the absence of any mandatory fees beyond the optional award commission.

"The solution is free."
"The tool is open-source and free for bug bounty hunters."

Popular Use Cases

Users employ HackerOne for hacking practice, responsible vulnerability disclosure, vulnerability assessment, and testing. It is utilized for downtime activities, generating additional income, and receiving bug bounty rewards. Organizations utilize HackerOne for vulnerability coordination through its interface, listing programs and websites for vulnerability reporting. HackerOne is consistently leveraged for identifying and reporting vulnerabilities, similar to techniques used for DuckTron. Users aim to find and report vulnerabilities to earn rewards and drive sales.

Service and Support

Customer service at HackerOne is praised for being responsive, with feedback coming from all company levels, including Co-Founders. Some users appreciate the engineering team's quick technical support; however, others notice a slowdown in response speed and detail over the years. While some haven't needed to contact technical support, others highlight a decline in responsiveness compared to previous years.

Deployment

HackerOne's initial setup is described as simple and straightforward. Users find it easy due to its SaaS model, eliminating the need for installation. Upon first login, users see opportunities immediately, eliminating the need for searching. The setup is considered user-friendly, with no encountered difficulties and is rated highly, nine out of ten.

Scalability

HackerOne demonstrates robust scalability, accommodating both increases and decreases in data volume efficiently. It offers excellent scaling capabilities for registered users, making it suitable for a wide range of programs and clients. While not crafted for a broad audience, it successfully supports extensive operations, meeting the needs of its user base effectively. With its expansive platform, HackerOne is highly regarded for its adaptability and scalability, earning high marks among users.

Stability

Users unanimously describe HackerOne as stable, reporting no major issues or breakdowns. They indicate the presence of only minor bugs, suggesting confidence in its performance over extended periods. Many emphasize experiencing consistently smooth operations over several years, highlighting reliability as a defining characteristic. Their experiences reflect satisfaction with stability, appreciating its dependable nature.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our HackerOne Buyer's Guide for additional reliable information.

Top industries

By visitors reading reviews

Computer Software Company

15%

Manufacturing Company

12%

Financial Services Firm

11%

Comms Service Provider

10%

University

Energy/Utilities Company

Retailer

Media Company

Healthcare Company

Insurance Company

Educational Organization

Government

Non Profit

Hospitality Company

Leisure / Travel Company

Legal Firm

Real Estate/Law Firm

Transportation Company

Performing Arts

Pharma/Biotech Company

Construction Company

Aerospace/Defense Firm

Outsourcing Company

Consumer Goods Company

Venture Capital & Private Equity Firm

Recreational Facilities/Services Company

Logistics Company

Wholesaler/Distributor

Compare HackerOne with alternative products

Learn more about HackerOne

HackerOne was previously known as HackerOne Assets, HackerOne Pentesting Services, HackerOne Security Assessments, HackerOne Vulnerability Management.