Case Study: A.S. Watson strengthens digital security with HackerOne

How Ethical Hackers Help AS Watson Address Digital Risk

A.S. Watson Group, the world's largest international health and beauty retailer, faced the significant cybersecurity challenge of protecting its vast digital presence and highly valuable customer data from growing cyber threats. To address the expanding attack surface created by its digital transformation and O+O (Offline plus Online) strategy, the company partnered with the vendor HackerOne and implemented its HackerOne Bounty bug bounty program.

The solution involved engaging HackerOne's global community of ethical hackers to continuously test and identify vulnerabilities. This provided A.S. Watson with creative insights that helped harden its attack surface, mitigate risks like credential stuffing, and increase its security maturity. The vendor's program delivered measurable results, including a decrease in valid vulnerability reports over time, cost savings compared to traditional penetration testing, and the development of a new secure code training program that improved the quality of its software development lifecycle.

A.S. Watson

Chief Information

Security Officer (CISO)