Case Study: General Motors (GM) strengthens automotive cybersecurity and resolves 700+ vulnerabilities with HackerOne

How GM Works With Hackers to Enhance Their Security

General Motors, a 110‑year‑old automaker that sells millions of highly connected vehicles each year (including millions with 4G LTE and semi‑autonomous features), faced a rapidly growing and complex cybersecurity attack surface as it moved into electrification and advanced connected systems. That breadth of technology — spanning vehicles, dealerships, suppliers and infotainment platforms — created significant security challenges beyond traditional automotive concerns.

To address this, GM centralized cybersecurity under a VP of Global Cybersecurity and partnered with HackerOne, launching a public vulnerability disclosure policy in 2016 and expanding into private bug bounties and lab access for researchers. The hacker‑powered approach—more than 500 researchers engaged—helped GM find and fix 700+ vulnerabilities, speed remediation, extend protections to suppliers and dealers, and establish GM as an industry leader in automotive cybersecurity.

GM

Jeff Massimilla

Vice President Global Cybersecurity