Tencent’s security response center partners with HackerOne for enhancing its cybersecurity practices

Photo by Markus Spiske on Unsplash

Editor’s brief: Tencent, the folks who gave us Wechat, mainland China’s answer to Facebook and Twitter combined, has a security response center that hones its cybersecurity as it becomes one of the world’s largest players in the digital space with social media, ecommerce and fintech. It recently announces a partnership with HackerOne, to work with “white hat” ethical hackers for its bug bounty programs. The vendor’s new release is found below.


Tencent Taps HackerOne’s Global Community of White Hat to Boost Cybersecurity

Leading Internet Services Provider Invites Ethical Hackers to Join in their Bug Bounty Program

SINGAPORE, @mcgallen #microwireinfo, April 14, 2020 — HackerOne, the global top hacker-powered security platform, today announced a partnership with Tencent Security Response Center (TSRC), the online platform run by the security arm of Tencent. HackerOne’s skilled global community of 600,000+ white hat hackers can now easily join in Tencent’s Bug Bounty Program through HackerOne, making vulnerability reporting and technical sharing from across the world faster and easier. Tencent will also leverage HackerOne’s network to streamline bounty payments when rewarding the white hat community’s joint force to help improve the security of its products and services and contribute to a safer internet for all.

TSRC is open to HackerOne’s global community of ethical hackers to participate in its public and open bug bounty program, an industry best practice to identify potential security vulnerabilities, allowing them to patch security holes before they can be exploited. The public-facing intake method incentivises ethical hackers to find security vulnerabilities in a company’s software and report them directly to the company’s security centre with a monetary reward or bounty.

The Bug Bounty Program awards up to US$15,000 for quality reports on eligible valid vulnerabilities, which are paid through HackerOne’s platform. Hackers are encouraged to look for vulnerabilities in all products and services of Tencent — one of the world’s largest internet service providers.

“Online security for our products and platforms is a top priority for Tencent. While we develop and deploy advanced technologies to safeguard our platforms, we also collaborate with professional white hackers’ networks to help us enhance our security protection for our products and our users,” said Juju Zhu, COO of Tencent Security Response Center.  “We are the first company in China to set up a Security Response Center, and now by partnering with Hacker One, we expect to receive constructive research results from a larger, global community of security experts.”

“TSRC has been a leader in leveraging hacker-powered security to protect user data and information to maintain trust,” said Attley Ng, VP of Asia Pacific at HackerOne. “By inviting a community of friendly hackers from across the globe to test their digital assets, Tencent is bringing a world of diverse perspectives to evaluate their portfolio of products and boost their security capabilities.”

According to HackerOne platform data in the 2019 Hacker-Powered Security Report, the adoption of hacker-powered security is growing in the Asia Pacific region with the number of programs increasing by 30% in 2019. This expansion has led to additional customer programs with government, enterprise, and technology organisations including Ministry of Defence (MINDEF), Government Technology Agency (GovTech), Toyota, Nintendo, Grab, Alibaba, LINE, OPPO, OnePlus, and more.

The partnership with TSRC is announced on the heels of HackerOne revealing an increase of over 100% in enterprise sales bookings year-over-year, including an expansion into new international regions like the Asia Pacific. In addition, HackerOne was placed as the world’s fifth-most innovative company and top security organisation globally on Fast Company’s prestigious annual list of the World’s Most Innovative Companies for 2020, a proven partner and innovator for businesses in APAC.

To learn more about TSRC’s programs, please visit https://hackerone.com/tencent.

About HackerOne
HackerOne is the #1 hacker-powered security platform, helping organisations find and fix critical vulnerabilities before they can be exploited. More Fortune 500 and Forbes Global 1000 companies trust HackerOne than any other hacker-powered security alternative. With more than 1,800 customer programs, including The U.S. Department of Defense, General Motors, Google, Goldman Sachs, PayPal, Hyatt, Twitter, GitHub, Nintendo, Lufthansa, Microsoft, MINDEF Singapore, Panasonic Avionics, Qualcomm, Starbucks, Dropbox, and Intel, HackerOne has helped to find over 160,000 vulnerabilities and award more than US$90M in bug bounties to a growing community of over 700,000 hackers. HackerOne is headquartered in San Francisco with offices in London, New York, the Netherlands, France and Singapore.

About Tencent and TSRC
Tencent uses technology to enrich the lives of Internet users. Our communication and social platforms, Weixin (WeChat) and QQ, connect users with each other and with digital content and services, both online and offline, making their lives more convenient. Our targeted advertising platform helps advertisers reach out to hundreds of millions of consumers in China. Our FinTech and business services support our partners’ business growth and assist their digital upgrade. Tencent invests heavily in talent and technological innovation, actively promoting the development of the Internet industry. Tencent was founded in Shenzhen, China, in 1998. Tencent Security Response Center (TSRC) is the online platform for Tencent’s security team to cooperate with security researchers and partners around the world to create a robust cyber security eco-system. Being the pioneer to set up its own security response and bug bounty platform, TSRC has always played a vital role in leading the development of enterprise security and white hat community in China. TSRC is responsible for the security of Tencent’s software and systems, ensuring online defences are robust, secure, and that users are protected. TSRC operates the Threat Bounty Program, building relationships with bug hunters and security partners, holding security salons and conferences, monitoring and analysing security threats and vulnerabilities, helping developers fix vulnerabilities and sounding alarms to all customers, helping our users recover from security incidents quickly and effectively, and tracing the source of attacks quickly and accurately.

# # #