Is the ecommerce and retail industry a pioneer or a laggard in using hacker-powered efforts in the fight against cyber criminals? And how does your retail company stack up against others in the industry?

Find out with this new report, specifically for the ecommerce and retail industry, and using data culled from more than 800 hacker-powered security programs, over $20 million in awarded bounties, and over 50,000 resolved security vulnerabilities.

Hacker Powered Security Report for Retail

Based on the groundbreaking and cross-industry Hacker-Powered Security Report 2019, this new industry-specific report examines the broadest platform data set available and helps to explain why ecommerce and retail companies like Shopify, Instacart, and others are turning to continuous, hacker-powered security to protect their customers, brand, and products.

Download The Hacker-Powered Security Report for Retail

What’s in the Report

Progressive retailers are pioneering this industry’s entry into hacker-powered security programs. And, proving that they’re in it to win it, retailers are at or near the top in several key metrics.

The report details how ecommerce and retail companies are showing growth in bug bounty program launches, and how they compare with other industries in bounty award values, types of vulnerabilities found, and time to bug resolution and award payouts. You’ll even learn how ecommerce and retail bug bounty programs compare across bounty values and payout trends.

Key Highlights

You’ll have to download and read the full report for all of the details, but here are a few interesting hints to what you’ll find:

  • The number of hacker-powered security programs in the ecommerce and retail industry has roughly doubled in each of the past two years.
  • In the past year, ecommerce and retail programs were faster than every other industry at resolving vulnerabilities.
  • Less than one in ten hacker-powered security programs in ecommerce and retail are open to the public.
  • The average bounty paid by ecommerce and retail organizations for a critical issue was more than 80 percent higher than the cross-industry average.

Retailers are quickly adopting and using hacker-powered security, ranking this industry third in total bounties paid. In this report, you’ll see how retailers compare with other industries, where they lead, and where they lag. You’ll also be able to see how your company stacks up against others in the ecommerce and retail industry.

Get the Report

Discover even more details on how hacker-powered security is shaping the security posture of ecommerce and retail companies.

Download The Hacker-Powered Security Report for Retail

If you’re considering a hacker-powered component for your own security program, here’s another great metric: 95% of HackerOne customers would recommend such a program to their peers! Talk to us today to learn more.


HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.

Posted by Charlie