Curated security reports without the hassle.
Use Cases and Deployment Scope
We've been trying to find a solution for finding vulnerabilities in our infrastructure in a well organized way. Previously we've been dealing with reports in-house, and that simply took too much time out of our developers day-to-day life to check and validate if they were actionable or not, then we also had to deal with the bounties on a case by case basis, which was just too tedious. Hackrate offered the perfect solution: a managed way of dealing with reports by providing curated vulnerability/bug reports, making them instantly actionable, saving us a lot of time.
Pros
- Ease of use
- Communication with the Hackrate team
- Well defined rules that were helpful in determining which areas we want to focus on.
Cons
- The customer portal was a little bit confusing to use at first.
- We did not have an integration with our ticketing system, so creating the tickets in our system was a manual task.
Likelihood to Recommend
Any scenario where having an ethical hacking program is crucial, but you simply do not have the manpower, capability, or know-how on how to deal with reporters or the reports, or verify if the reported issues are as serious as the reporters say. It's an easy way to offload work from your team to professionals who are always ready to help.
