HackerOne is a vulnerability management and bug bounty platform. It provides solutions that include cloud security, application security, attack resistance management, and more. It serves financial, government, and federal industries. The company was founded in 2012 and is based in San Francisco, California.
HackerOne's Product Videos
ESPs containing HackerOne
The ESP matrix leverages data and analyst insight to identify and rank leading companies in a given technology landscape.
The vulnerability management market offers solutions to help organizations identify and prioritize vulnerabilities in their IT systems, networks, and applications. These solutions aim to reduce the risk of cyber attacks and data breaches by providing insights into potential security gaps and offering guidance on how to remediate them. The market includes a range of vendors with different value pro…
HackerOne's Products & Differentiators
HackerOne Bounty minimizes threat exposure by tapping into a global community of ethical hackers, offering preemptive, offensive, and continuous oversight through a platform designed for expanding digital landscapes.
Research containing HackerOne
Get data-driven expert analysis from the CB Insights Intelligence Unit.
CB Insights Intelligence Analysts have mentioned HackerOne in 1 CB Insights research brief, most recently on Jul 28, 2023.
Expert Collections containing HackerOne
Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.
HackerOne is included in 3 Expert Collections, including Future Unicorns 2019.
Future Unicorns 2019
Tech IPO Pipeline
Track and capture company information and workflow.
These companies protect organizations from digital threats.
Latest HackerOne News
Nov 30, 2023
Disclaimer This vulnerability was discovered as part of H1-4420, a HackerOne live hacking event of which Zoom was a participating company. This issue was fixed promptly by the Zoom team, and no production tenants were affected in any way. In June 2023, a vulnerability in Zoom Rooms was discovered. This vulnerability had the potential to allow an attacker to claim a Zoom Room’s service account and gain access to the victim’s organization’s tenant. As a service account, an attacker would have invisible access to confidential information in Team Chat, Whiteboards, and other Zoom applications. What are Zoom Rooms? Zoom Rooms is a system developed by Zoom to allow team members in different physical locations to work together over Zoom. To set it up, the Zoom Rooms application is installed on a piece of hardware, such as an iPad. This device acts as a terminal for the people in the room, and “attends” the meeting on behalf of everyone there. To facilitate this, when a Zoom Room is created within the Zoom platform, a service account is created automatically with licenses for Meetings and Whiteboards. How Service Accounts Could Have Been Misused Predicting Email Addresses A Room service account is automatically assigned an email address by Zoom themselves. This is generated in the format rooms_<account ID>@companydomain.com. In this case, the account ID is the user ID value of the service account. The email domain is directly inherited from the user with the Owner role in the tenant at the time of creation – if the Owner has the email address [email protected] , then the service account will be room_<account ID>@example.com. While there are several ways to leak the account ID within Zoom, simply being in the same meeting as the Room and messaging the Room on Team Chat would disclose the Room’s entire email address. Claiming Accounts The problem with this approach for email generation is that this also applies to email domains of large email providers. For example, if the owner is using an outlook.com email address, the Room’s email address will be room__<account ID>@outlook.com. Since anyone can create an arbitrary Outlook email address, we can create a valid email inbox for a Zoom Room! Next, we followed the Zoom sign-up flow using the Zoom Room’s email address. This caused an email activation link to be sent to the Zoom Rooms email address. However, as we now controlled this email inbox, we could click on this link and activate the account. Upon activation, Zoom’s backend automatically logged us into the organization’s Zoom tenant as the service account. Given that a service account is treated as a team member, we could now gather information laterally across the tenant. Zoom Rooms, as service accounts with at least two licenses, had considerable access within the tenant as they were effectively treated as normal team members. They could view all users in the organization using the Contacts feature, hijack the meeting itself if they were the host, view all organization-wide whiteboards, and more. We noted interesting behavior in the Team Chat feature. Zoom provides a feature called Channels, which as the name implies, is a system of text channels. Channels are open to tenant employees by default. Room users were able to view the contents of any channel, including confidential information and persist in this access completely invisibly. Room users could not be removed from the channel by any administrator – even the Owner. Following several conversations with the Zoom team, the vulnerability was validated and promptly remediated. To mitigate this issue, Zoom removed the ability to activate Zoom Room accounts. Conclusion This finding demonstrated how service accounts could be misused to gain unauthorized access. SaaS systems are composed of many moving parts and managing the security of each part is a difficult task. While the scope of this finding was relatively limited, service accounts are often used by third-party apps as a means of retrieving data from SaaS applications. As one of the connecting points between the SaaS platform and the external internet, ensuring that such applications and service accounts are secured properly is crucial in maintaining a robust SaaS security posture. SaaS Breach Info Center As SaaS adoption continues to explode, the risk for breaches that threaten business operations and the security of highly sensitive data escalates. Learn how — and how often — SaaS data breaches occur.
HackerOne Frequently Asked Questions (FAQ)
When was HackerOne founded?
HackerOne was founded in 2012.
Where is HackerOne's headquarters?
HackerOne's headquarters is located at 548 Market Street, San Francisco.
What is HackerOne's latest funding round?
HackerOne's latest funding round is Series E.
How much did HackerOne raise?
HackerOne raised a total of $159.7M.
Who are the investors of HackerOne?
Investors of HackerOne include Benchmark, New Enterprise Associates, Dragoneer Investment Group, Valor Equity Partners, GP BullHound Sidecar and 16 more.
Who are HackerOne's competitors?
Competitors of HackerOne include Crashtest Security, Detectify, Intigriti, Yogosha, 418 Intelligence and 7 more.
What products does HackerOne offer?
HackerOne's products include Bounty and 4 more.
Who are HackerOne's customers?
Customers of HackerOne include Zebra, Snap, GitHub, Hyatt and John Deere.
Compare HackerOne to Competitors
Bugcrowd provides crowdsourced cybersecurity solutions. It proactively secures the digitally connected world The company provides a wide range of responsible disclosure and managed service options allowing companies to customize security testing programs fitting their specific requirements. It was founded in 2012 and is based in San Francisco, California.
YesWeHack is a global Bug Bounty and VDP Platform. YesWeHack offers companies an approach to cybersecurity with Bug Bounty (pay-per-vulnerability discovered), connecting more ethical hackers across countries with organizations to secure their exposed scopes and reporting vulnerabilities in their websites, mobile apps, infrastructure, and connected devices. YesWeHack was founded in 2015 and is based in Paris, France.
Detectify provides a fully automated external attack surface management (EASM) solution powered by an ethical hacker community. It enables teams to quickly remediate vulnerabilities, scan daily, and enrich discovered assets with internet protocols, and ports. The company's customers include governmental and digital service organizations. It was founded in 2013 and is based in Stockholm, Sweden.
Yogosha operates as a private bug bounty platform. It helps organizations to detect and fix vulnerabilities before criminals exploit them. It offers life hacking events, a vulnerability disclosure program, penetration testing as a service, and more. It was founded in 2015 and is based in Paris, France.
Cobalt develops a pentest as a service (PtaaS) platform. The platform enables modern businesses to crowdsource application security by connecting them with a vetted community of security researchers. Cobalt was formerly known as CrowdCurity. It was founded in 2014 and is based in San Francisco, California.
SafeHats helps enterprises create and run customised bug bounty programmes to drive a security culture within the organisation.