San Francisco-based bug bounty and penetration testing startup HackerOne has raised $49 million in a Series E funding round. The deal was led by investment firm GP Bullhound, bringing total investment to nearly $160 million to date.
HackerOne, the nine-year-old company that mediates between hackers and companies interested in testing their online vulnerabilities, has seen a rapid uptick in adoption of HackerOne Assessments: Application Pentest for AWS, which launched in August to address issues in applications deployed on AWS.
The company also expanded its Internet Bug Bounty initiative to support vulnerability management in the open-source software supply chain, garnering key participants like Elastic, Facebook, Figma, Shopify, and TikTok.
The company said it had identified over 17,000 high or critical vulnerabilities over the past year that otherwise could have resulted in a compromise, with over 2,000 vulnerabilities submitted in December following the disclosure of the Log4j bug.
HackerOne received recognition for its innovative role in helping organizations improve their cybersecurity programs, being named a ‘brand that matters’ by Fast Company.
The startup that helps track security lapses
Customers use the company to help find critical security weaknesses and address them before players with nefarious intentions find and exploit them. Organizations that pay for its help include Google, Intel, Airbnb, Alibaba, General Motors, and the U.S. Department of Defense.
In the first month after the Log4j zero-day dropped, 612 hackers submitted 2,175 potential vulnerabilities to HackerOne customers. Customers across the board also saw a 97 percent increase in reports for misconfigurations in 2021, underscoring how digital transformation and cloud migrations have increased organizations’ risk.
“With Log4j, ransomware, and nation-state attacks, governmental institutions have never been so exposed,” says Marten Mickos, CEO of HackerOne.
“As attack surfaces grow, so does the gap between what digital assets organizations own and what they can protect. HackerOne is closing that gap and keeping its customers out of harm’s way in a way that no other mechanism can accomplish,” added Mickos.
Demand for HackerOne’s services is surging
Traditionally conservative organizations have a burgeoning appetite to use ethical hacking solutions to defend these digital attack surfaces. Leading financial services and government organizations – including the US, UK and Singapore Defense agencies – continue to experience significant growth with a 62 percent and 89 percent increase in program adoption, respectively.
“In the past 12 months, we have identified over 17,000 high or critical vulnerabilities for our customers that could otherwise have been gaping holes for adversaries to enter through. To fuel our accelerating growth, we welcome GP Bullhound as our newest investor with their experience in supporting the most significant names in the global technology world,” said Marten Mickos.
Per Roman, Managing Partner at GP Bullhound, said, “HackerOne is revolutionizing the way in which companies reduce their risk of a breach. By leveraging the world’s biggest community of ethical hackers, who have the power and willingness to prevent cyberattacks, and coupling it with their proprietary software, HackerOne is bringing a service to customers that no other vendor can match.”