Posted on

Editor’s brief: Perimeter cybersecurity is today a baseline defense for organizations. Most organizations have stepped up to more comprehensive cyber-defenses, including “shift left” and now, engaging white hat ethical hackers to help find vulnerabilities before fixing them asap. HackerOne, one of the leading ethical hacker platforms, is now available to Amazon AWS Marketplace customers. The vendor’s release is below.

HackerOne Now Available in AWS Marketplace

Hacker-powered security leader brings AWS customers streamlined access to vulnerability discovery and assessment

SINGAPORE, @mcgallen #microwireinfo, December 4, 2020HackerOne, a leading hacker-powered security platform, announced today that it is making its debut in AWS Marketplace. Amazon Web Services (AWS) customers can now find and purchase services from HackerOne in AWS Marketplace, a curated digital catalog of software, data, and services that run on AWS. HackerOne is one of the first comprehensive security solutions providers to quote and contract services in AWS Marketplace.

Cloud-native organisations and those migrating to the cloud need robust security solutions to ensure their cloud development reduces security risk and identify and remediate new security vulnerabilities before they can be exploited. When operating in the cloud, organisations face new cyber risks, and they need a way to know where these holes are to fix them quickly. HackerOne programs are designed to aid vulnerability discovery and management on AWS. AWS customers can rely on HackerOne solutions and services to discover security risks, vulnerabilities, and misconfigurations faster and remediate priority issues with the right skills and the right team. With services from HackerOne available in AWS Marketplace, customers have a simplified way to purchase software and related services in a centralised place.

“Companies gain unprecedented flexibility and agility when deploying applications and data on the cloud,” said HackerOne CEO Marten Mickos. “Exposure to cyber threats also changes. Only an outside-in view can reveal the potential vulnerabilities that must be fixed to prevent data breaches. For years, HackerOne has provided such services to the world’s leading cloud-native companies, preventing breaches by resolving tens of thousands of weaknesses. Building upon our relationship with AWS, we are delighted to extend our application security services in an easily consumable format to all who migrate to or are born on the cloud. We hack for good — for the good of digital assets on the cloud.”

Armed with the largest, most robust database of valid vulnerabilities, including insights into Improper Access Control, Information Disclosure and Server-Side Request Forgery, the three most severe and common for applications hosted on AWS, HackerOne offers agile solutions optimised for the cloud. The full breadth of these vulnerability assessment solutions will be available in AWS Marketplace.

An industry best practice, vulnerability disclosure programs guide hackers to submit findings through the proper channels. With HackerOne Response, customers can integrate vulnerability findings seamlessly into software development with the confidence that submissions are received quickly and consistently and integrate with existing security workflows for faster remediation.

Also added to the AWS Marketplace is HackerOne Pentest. With Pentest running on AWS, customers gain visibility into cloud-specific threats across cloud APIs, IAM risks, serverless deployments, DNS management, Amazon Simple Storage Service (Amazon S3), and more. With real-time platform access to program analytics including response targets, submissions, spend, and more, HackerOne Pentests help customers get beyond the traditional pentest model and deliver compliance-ready reports to satisfy SOC 2 Type II, ISO 27001, and more while reducing risk.

The HackerOne community carries deep knowledge within cloud security, and the hacker perspective provides a new view on what services may be exploited and how adversaries target cloud infrastructure. With HackerOne Bounty, now listed in AWS Marketplace, customers can leverage the world’s largest community of ethical hackers to secure applications with continuous testing. Specialised, trusted, and diverse, HackerOne hackers are incentivised by monetary rewards to find vulnerabilities and submit reports on their security findings for verification and remediation. This unstructured testing methodology mimics actual attack attempts that adversaries use to exploit vulnerabilities, providing a level of scale, speed, and human intelligence that traditional testing models lack.

For more information on HackerOne and AWS Marketplace, visit:

About HackerOne

HackerOne empowers the world to build a safer internet. As the world’s most trusted hacker-powered security platform, HackerOne gives organisations access to the largest community of hackers on the planet. Armed with the most robust database of vulnerability trends and industry benchmarks, the hacker community mitigates cyber risk by searching, finding, and safely reporting real-world security weaknesses for organisations across all industries and attack surfaces. Customers include The U.S. Department of Defense, Dropbox, General Motors, GitHub, Goldman Sachs, Google, Hyatt, Intel, Lufthansa, Microsoft, MINDEF Singapore, Nintendo, PayPal, Slack, Starbucks, Twitter, and Verizon Media. HackerOne was ranked fifth on the Fast Company World’s Most Innovative Companies list for 2020. Headquartered in San Francisco, HackerOne has a presence in London, New York, the Netherlands, France, Singapore, and over 70 other locations across the globe.