HackerOne
Overview
Section titled “Overview”Integrate your Risk Register with HackerOne. This integration imports bug bounty reports as risk records, allowing you to manage vulnerabilities discovered through your HackerOne program.
- Source: Bug Bounty
- Type: Control Deficiency
- Opened By: “HackerOne Integration”
The integration can be enabled directly from your Adversarial tenant via Settings > Integrations. The necessary details to connect your HackerOne environment are the API Token and your program handle.
Status Mapping
Section titled “Status Mapping”HackerOne report states are mapped to Adversarial risk statuses:
| HackerOne State | Adversarial Status |
|---|---|
New | New |
Pending Program Review | New |
Triaged | New |
Needs More Info | Closed |
Resolved | Closed |
Not Applicable | Closed |
Duplicate | Closed |
Informative | Closed |
Spam | Closed |
Retesting | Closed |
Severity Mapping
Section titled “Severity Mapping”HackerOne severity rating maps to Adversarial Initially Reported Urgency (IRU):
| HackerOne Severity | Adversarial IRU |
|---|---|
| Critical | Critical |
| High | High |
| Medium | Medium |
| Low | Low |
Fields
Section titled “Fields”| HackerOne Field | Adversarial Field | Notes |
|---|---|---|
title | Title | |
vulnerability_information | Description | Prefixed with a link to the HackerOne report |
submitted_at | Discovered Date | |
severity.rating | IRU | Via severity mapping above |
| (static) | Source | Always “Bug Bounty” |
| (static) | Type | Always “Control Deficiency” |