Sportswear retailer On shares how they outsmart cybercriminals.
Human-led security, built for retail & e-commerce
Relentless cybercriminals put your customer trust and your hard-earned reputation at risk—and traditional security tools miss the most novel and elusive bugs. You need a proactive, human-led approach to uncover critical vulnerabilities before bad actors do.
We want to have as many people as possible looking for ways to infiltrate our systems and vulnerabilities in the software that we build. By having an open and transparent bug bounty program we're able to ensure that if someone does find a security issue they come to us with it first.
Several times, hackers helped us with different types of vulnerabilities related to eCommerce. One example of this was when we wanted to roll out an anti–credential stuffing tool, and hackers helped us find the weak spots and mitigate them.
As we evolved our vulnerability management process, we realized a missing component was an easy way for an external security researcher to report an issue. HackerOne has helped fill that gap, helping us further mature our approach to vulnerability management.
Retail receives an above-average number of reports for cross-site scripting vulnerabilities. Find out why.
How your industry stacks up against the top 10 vulnerability stats on the HackerOne Platform
The most common attack types against retail companies include:
- Information disclosure
- Cross-site scripting (XSS)
- Improper access control
- Insecure direct object reference (IDOR)
What percentage of ethical hackers dedicate time to your industry’s programs
Why ethical hackers choose one program over another
Where AI fits into your security equation