Cybersecurity startup HackerOne secures $49M to connect businesses with the world’s top ethical hackers

HackerOne, a bug bounty and penetration testing startup that provides direct access to the world’s top ethical hackers, has raised a $49 million Series E following a year of massive growth.

The funding, which brings the company’s total funding to nearly $160 million, was led by GP Bullhound with participation from existing investors, including Benchmark, NEA, Dragoneer Investment Group, and Valor Equity Partners, also participated in the round. The company plans to use the funding proceeds to invest in research and development and expand go-to-market activities.

The latest funding announcement follows an eventful year in cybersecurity, culminating in the Log4j vulnerability in December 2021. In the first month of the zero-day dropping, 612 hackers submitted 2,175 potential vulnerabilities to HackerOne customers. Customers across the board also saw a 97% increase in reports for misconfigurations in 2021, underscoring how digital transformation and cloud migrations have increased organizations’ risk.

Founded over a decade ago by Alex Rice, Jobert Abma, Merijn Terheggen, and Michiel Prins, HackerOne’s bug bounty solutions help organizations reduce the risk of a security incident by working with the world’s largest community of ethical hackers. HackerOne also offers a solution that helps organizations in creating vulnerability disclosure and response programs.

The startup also mediates between hackers and companies interested in testing their online vulnerabilities. They partner with the global hacker community to surface the most relevant security issues of their customers before they can be exploited by criminals.

In recent years, there is a growing appetite in traditionally conservative organizations to use ethical hacking solutions to defend these digital attack surfaces. Leading organizations in financial services and government – including the US, UK, and Singapore Defense agencies – continue to experience significant growth with a 62% and 89% increase in program adoption respectively.

HackerOne said it has seen a rapid uptick in the adoption of HackerOne Assessments: Application Pentest for AWS, launched in August, to address issues in applications deployed on AWS. The company also expanded its Internet Bug Bounty initiative to support vulnerability management in the open-source software supply chain, garnering key participants: Elastic, Facebook, Figma, Shopify, and TikTok. HackerOne received recognition for its innovative role in helping organizations improve their cybersecurity programs, being named as a ‘brand that matters’ by Fast Company.

“With Log4j, ransomware, and nation-state attacks, governmental institutions have never been so exposed,” says Marten Mickos, CEO of HackerOne. “As attack surfaces grow, so does the gap between what digital assets organizations own and what they can protect. HackerOne is closing that gap and keeping its customers out of harm’s way in a way that no other mechanism can accomplish. In the past 12 months, we have identified over 17,000 high or critical vulnerabilities for our customers that could otherwise have been gaping holes for adversaries to enter through. To fuel our accelerating growth, we welcome GP Bullhound as our newest investor with their experience in supporting the most significant names in the global technology world.”

Per Roman, Managing Partner at GP Bullhound, said: “HackerOne is revolutionizing the way in which companies reduce their risk of a breach. By leveraging the world’s biggest community of ethical hackers, who have the power and willingness to prevent cyberattacks, and coupling it with their proprietary software, HackerOne is bringing a service to customers that no other vendor can match. GP Bullhound’s investment in this pioneering category leader is our contribution to securing the online world.”