Future Trends

HackerOne Secures Tailored LI-SaaS Authorization From FedRAMP

HackerOne Secures Tailored LI-SaaS Authorization From FedRAMP

The Federal Risk and Authorization Management Program has granted HackerOne a tailored low impact-software as a service authorization for its full suite of hacker-powered security solutions.

With the tailored LI-SaaS authorization in tow, federal agencies can now access HackerOne’s hacker-powered security offering through the FedRAMP marketplace. The FedRAMP authorization builds on the company’s extensive work with the federal government, which dates back in 2016 with the first crowdsourced security initiative known as “Hack the Pentagon,” HackerOne posted.

Additionally, the clearance allows the company to keep in step with a 2019 mandate released by the Department of Homeland Security that calls on federal agencies to create vulnerability disclosure programs for their public-facing websites.

“This authorization underscores the momentum that HackerOne has achieved in the federal government and demonstrates our ability to help make our public sector customers’ digital transformations into security transformations,” Lynn Chia, director of federal at HackerOne, said.

Following the success of its Hack the Pentagon initiative, HackerOne operated a number of bug bounty challenges for the DoD, including Hack the Army, Hack the Army 2.0, Hack the Air Force, Hack the Air Force 2.0, Hack the Air Force 3.0, Hack the Defense Travel System, and Hack the Marine Corps. The ethical hacking company has also been running an ongoing VDP for the DoD’s public-facing system with over 12K valid vulnerabilities discovered thus far.

The General Service Administration, which sponsored HackerOne’s FedRAMP authorization, was the first federal agency to use hacker-powered security solutions in 2017. The partnership remains strong, as the company continues to operate a bug bounty program for GSA.

Outside the U.S., HackerOne has partnered with Singapore’s Ministry of Defense and Government Technology Agency, the European Commission and the U.K. National Cyber Security Centre.

Category: Future Trends

Tags: cloud Department of Defense Federal Risk and Authorization Management Program FedRAMP Future Trends General Service Administration hacker-powered security platform HackerOne LI-SaaS Lynn Chia security assessment Tailored Low Impact-Software as a Service