Workflow Automation Enables Syncing of High-Priority Vulnerability Reports

SAN FRANCISCO–(BUSINESS WIRE)–Today, HackerOne, the world’s most trusted hacker-powered security platform, announced a new workflow automation integration with GitHub that enables the tracking and synchronization of high-priority vulnerability reports between HackerOne and GitHub. Also today, HackerOne is making its debut on GitHub’s Marketplace.

With HackerOne’s synchronized integration, software development leads can organize sprints, speed up build time, field requests from technical teams, and track their work from within a single interface — all while building more security into the Software Development Lifecycle (SDLC). With just one click, GitHub issues can be created from HackerOne intelligence, enabling teams to rapidly take action and track progress.

“Knowing where your code is vulnerable is half the battle,” said HackerOne CTO and Co-founder Alex Rice. “Being able to resolve these security holes before they are exploited is a challenge in and of itself. By combining HackerOne’s global community of security researchers with GitHub’s developer tooling, joint customers ensure the vulnerabilities that present the greatest risk to the business are remediated on time. Our goal is to break down the walls between security and developers, building the critical feedback loops that empower developers to learn from each report and develop more trustworthy products from the start.”

With this integration, organizations can:

  • Reduce time to remediation with automated workflows
  • Unify vulnerability actions across a single console
  • Simplify the triage and remediation process with an efficient handoff to the development team
  • Achieve real-time synchronization between HackerOne and GitHub

“As the speed of software development continues to increase, so too does the introduction of vulnerabilities to code,” said Dana Lawson, VP of Technology Partnerships and Engineering at GitHub. “With this integration, security teams can quickly deliver potential vulnerabilities to developers within their workflows, helping them to shift left and rapidly respond to and mitigate vulnerabilities.”

The integration is available to all HackerOne Professional and Enterprise customers and can also be found on the GitHub Marketplace. Installation instructions can be found on the HackerOne Docs Site.

About HackerOne

HackerOne empowers the world to build a safer internet. As the world’s most trusted hacker-powered security platform, HackerOne gives organizations access to the largest community of hackers on the planet. Armed with the largest database of vulnerability trends and industry benchmarks, the hacker community mitigates cyber risk by searching, finding, and safely reporting real-world security weaknesses for organizations across all industries and attack surfaces. Customers include The U.S. Department of Defense, Dropbox, General Motors, GitHub, Goldman Sachs, Google, Hyatt, Intel, Lufthansa, Microsoft, MINDEF Singapore, Nintendo, PayPal, Slack, Starbucks, Twitter, and Verizon Media. HackerOne was ranked fifth on the Fast Company World’s Most Innovative Companies list for 2020.

Contacts

Samantha Spielman

press@hackerone.com