Case Study: Coinbase achieves an industry-leading bug bounty program with HackerOne

Coinbase Finds Security and Success With Bug Bounties

Coinbase, a leading cryptocurrency exchange, needed to keep its platform secure against high-impact vulnerabilities while attracting top white‑hat talent. They launched a bug bounty program in 2012 and moved it onto the HackerOne platform in 2014 to scale coordinated vulnerability discovery and remediation.

Using HackerOne’s bug bounty and vulnerability coordination services, Coinbase ran a sustained program that paid out more than $175,000 in bounties over five years and recently rebalanced payouts to remain top‑of‑market—raising the top bounty to $50,000 for remote code execution. The initiative reinforced Coinbase’s hacker‑powered security approach and public commitment to bug bounties, highlighted in their “Coinbase Loves Bug Bounties” blog post.

Coinbase