Log in
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 
News: Latest News
Latest NewsCompaniesMarketsEconomy & ForexCommoditiesInterest RatesBusiness LeadersFinance Pro.CalendarSectors

HackerOne : and SecurityScorecard Partner to Combine Bug Bounty Information and Security Ratings for True View of Cyber Posture

05/11/2021 | 09:07am EDT

For the first time, insights from bug bounty and vulnerability disclosure programs will directly integrate into Scorecards, showcasing true strength of an organization’s security

HackerOne, the most trusted hacker-powered security platform, and SecurityScorecard, a global leader in cybersecurity ratings, announced a first-of-its-kind integrated solution that uses hacker-powered security signals and data as a leading indicator for evaluating corporate and supply chain cyber risk. With this integration, SecurityScorecard users will gain visibility into relevant security issues and ‘hacker activity’ for vendor Scorecards before they can be exploited and receive actionable Insights in a single pane of glass.

By seamlessly integrating the HackerOne API into the SecurityScorecard platform, users will now be able to showcase their bug bounty and vulnerability disclosure efforts in their scorecards and gain visibility into how their suppliers and partners are deploying these programs within their own environments. Insights added — including vulnerabilities resolved, median time to remediation and resolution, and more — will demonstrate how these programs can resolve risk and harden attack surfaces.

HackerOne takes an adversarial approach to security testing, connecting enterprises with ethical hackers to identify and safely report vulnerabilities before they can be exploited. This complements SecurityScorecard's outside-in approach to evaluating an organization’s security posture. The company’s proprietary technology continuously monitors 10 risk factor groups to deliver an A-F rating and empower organizations to improve their own security posture and assess the risk of vendors.

“Incorporating this combined signal shows a true 360 degree posture, and rewards companies for the efforts they take proactively to have security researchers find vulnerabilities on their sites,” said Aleksandr Yampolskiy, CEO at SecurityScorecard. “We are excited to partner with HackerOne and are confident organizations and insurers will be enabled to better pinpoint risks with this comprehensive data."

SecurityScorecard customers will be able to opt-in in order to take advantage of the integration, and can use the information to better understand the strength of any organization's security program. A “Hacker Report” informational signal will appear on a Scorecard for companies with an active public security or bug bounty program when a hacker report is published.

The presence of a HackerOne program will be reflected as a positive signal within SecurityScorecard's Patching Cadence Factor.

“Today, organizations across all industries are leveraging hacker-powered security programs to discover and shore up their true attack surfaces,” said Alex Rice, Co-founder and Chief Technology Officer at HackerOne. “With the expertise of the global hacker community continuously evaluating your full security posture, your teams will gain a powerful level of insight into the real world risks facing you and your partners. This best practice is now a crucial step toward a proactive security posture that confidently supports today's rapidly evolving business needs."

On May 27 at 10:00 a.m. PT, Alex Rice, CTO and co-founder at HackerOne, and Mike Wilkes, CISO at SecurityScorecard, will host a hands-on educational workshop to explore how vulnerability disclosure programs, bug bounties and security rating services can work together to drive down cyber risk. Our expert speakers will share best practices for successful programs and the signals can help assess risk severity. Other topics include cyber ratings, how they work, and the use-cases they can support. Together, attendees will learn how these tools and programs can, collectively, help with third-party risk and cyber insurance. To attend, register here: https://www.hackerone.com/leading-indicators-for-the-leading-indicators

About HackerOne

HackerOne empowers the world to build a safer internet. As the world’s most trusted hacker-powered security platform, HackerOne gives organizations access to the largest community of hackers on the planet. Armed with the most robust database of vulnerability trends and industry benchmarks, the hacker community mitigates cyber risk by searching, finding, and safely reporting real-world security weaknesses for organizations across all industries and attack surfaces. Customers include The U.S. Department of Defense, Dropbox, General Motors, GitHub, Goldman Sachs, Google, Hyatt, Intel, Lufthansa, Microsoft, MINDEF Singapore, Nintendo, PayPal, Slack, Starbucks, Twitter, and Verizon Media. HackerOne was ranked fifth on the Fast Company World’s Most Innovative Companies list for 2020.

About SecurityScorecard

Funded by world-class investors including Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 5 million companies continuously rated. Founded in 2013 by security and risk experts, Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 16,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees, and vendors. Every company has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.

© Business Wire 2021
Latest news "Companies"
05:58pSUN LIFE FINANCIAL  : announces offering of Limited Recourse Capital Notes
05:57pDEAN ARMSTRONG : What International Women in Engineering Day means to us
05:57pCarrols Restaurant Group, Inc. Prices Offering of $300 Million of Senior Notes Due 2029
05:56pNFL explores strategic partnership for media assets
05:56pAMAZON COM  : NFL explores strategic partnership for media assets
05:55pGEAR ENERGY LTD.  : Announces Successful Completion of Annual Borrowing Base Redetermination and May Update to Shareholders
05:55pAether Catalyst Solutions Announces First Tranche of Non-Brokered Private Placement
05:54pMCAFEE  : Anti-virus software pioneer John McAfee found dead in Spanish prison cell
05:53pAGORA  : Building an Android Video Chat App with In-Call Statistics
05:52pSILVERGATE CAPITAL  : Announces Virtual Participation at Compass Point's Cryptocurrency & Blockchain Day
Latest news "Companies"