Skip to main content
an image showing Response product screenshots
HackerOne Response

Your always-on vulnerability response process (VDP)

Receive, manage, and track incoming vulnerability disclosures with the industry’s most trusted and reputable ethical hackers.

Smarter, simpler vulnerability management tools

Demonstrate security maturity and comply with mandates. Partner with a vulnerability disclosure program (VDP) pioneer whose triage team validates vulnerability submissions so you can focus on remediation using our vulnerability management tools .

What is a Vulnerability Disclosure Program (VDP)?

A VDP is a centralized process for anyone to report security flaws in an organization’s internet-facing applications. VDPs need to include a trusted methodology for organizations to receive and triage these reports. VDPs increase security postures by inviting the community of cybersecurity researchers to submit reports via a platform that facilitates program scope, prioritizes vulnerabilities by severity, and tracks remediation progress.

Responsible Vulnerability Disclosure

Turn a disruptive process into your competitive advantage

With a NIST best-practice VDP you have a well-defined process for finding and fixing your vulnerabilities—before they can be exploited.

an image demonstrating the Response workflow
End-to-end program management

Partner with security experts from start to finish

We provide guidance on policy and scope creation, manage your program launch, and share insights and analysis on your VDPs success. Our triage team supplies remediation guidance so you can focus on fixing vulnerabilities.

  • Receive policy creation and launch guidance from expert program managers.
  • Leverage our community experts to communicate effectively with hackers.
  • Plug security holes quickly with help from our triage team that prioritizes vulnerabilities for you.
an image showing screenshots from the Response product
Detailed data analytics

Know your vulnerabilities inside and out

See your most common vulnerability types, number of overall reported vulnerabilities, and vulnerabilities by criticality to understand your attack surface. Understand your mean time to remediate (MTTR) so you can improve your operational processes.

  • Streamline your SDLC by seeing which asset types are most prone to vulnerabilities.
  • Learn which vulnerabilities stay open the longest and understand your mean time to remediate.
Much more than an inbox

A full-featured VDP provides vulnerability management tools , assessment data, and triage to reduce your organization’s risk.

Learn how your business can benefit from a VDP

Ready to  see your vulnerabilities and address them before it’s too late?

The power of vulnerability disclosure
Vulnerability Management, Response

VDPs are at the Heart of the Australian Cyber Security Centre’s Recommendations

2020 has been an important year for VDP standardization worldwide. Earlier in the year, the U.S. saw the...
Company News, Customer Stories, Bounty, Response

Adobe and HackerOne Celebrate Five Years of Continued Collaboration

To celebrate five years with HackerOne, we sat down with Adobe’s Senior Security Program Manager Pieter Ockers...

Vulnerability Management, Vulnerability Disclosure, Response, Company Resources

What is a Responsible Disclosure Policy and Why You Need One

This article will answer the simple question of what a vulnerability disclosure policy is, what’s included in...