HackerOne
Overview
Section titled “Overview”Real-time updates with async data flow — this process creates risk records in Adversarial automatically from the HackerOne platform. The HackerOne integration allows you to manage vulnerabilities discovered through your HackerOne reports. Creates Risk records in the Risk Register aligned with your Bug Bounty findings.
- Source: Bug Bounty
- Type: Control Deficiency
- Opened By: “HackerOne Integration”
The integration can be enabled directly from your Adversarial tenant via Settings > Integrations. The necessary details to connect your HackerOne environment are the API Token and your program handle.
Data Flow
Section titled “Data Flow”This is a one-way, ingest-only integration:
- New records in HackerOne are automatically synced.
- Subsequent updates are reflected in the Adversarial RSK record.
- Changes in Adversarial do not impact HackerOne.
Status Mapping
Section titled “Status Mapping”HackerOne report states are mapped to Adversarial risk statuses:
| HackerOne State | Adversarial Status |
|---|---|
New | New |
Pending Program Review | New |
Triaged | New |
Needs More Info | Closed |
Resolved | Closed |
Not Applicable | Closed |
Duplicate | Closed |
Informative | Closed |
Spam | Closed |
Retesting | Closed |
Severity Mapping
Section titled “Severity Mapping”HackerOne severity rating maps to Adversarial Initially Reported Urgency (IRU):
| HackerOne Severity | Adversarial IRU |
|---|---|
| Critical | Critical |
| High | High |
| Medium | Medium |
| Low | Low |
Fields
Section titled “Fields”| HackerOne Field | Adversarial Field | Notes |
|---|---|---|
title | Title | |
vulnerability_information | Description | Prefixed with a link to the HackerOne report |
submitted_at | Discovered Date | |
severity.rating | IRU | Via severity mapping above |