General Motors Chooses Vulnerability Coordination and Bug Bounty Platform HackerOne
January 10, 2016
Global motoring brand General Motors (GM) has chosen vulnerability coordination and bug bounty platform HackerOne to establish a public security vulnerability disclosure program for them. The program is the first of its kind in Detroit – home of the United States’ motor industry – and is intended to help form partnerships between GM and external security researchers to speed up its ability to find and deal with security issues.
HackerOne, which has headquarters in San Francisco, California, United States, was established by security experts that had previous worked at Microsoft, Google, and Facebook. The company’s services “empower companies to protect consumer data, trust and loyalty” by utilizing the support of the worldwide research community to establish a company’s “most relevant security issues”.
HackerOne was chosen to be part of GM’s program as a result of its ongoing relationship with security researchers and the company will host GM’s web portal which will manage vulnerability disclosures. The move underscores the extent to which GM regards third-party security research. The company’s latest move allows third parties to reveal vulnerabilities and GM will promise not to take legal action against them.