Case Study: General Motors achieves stronger vehicle cybersecurity and resolves 700+ vulnerabilities with HackerOne

How GM works with hackers to enhance their security

General Motors, a 110-year-old automaker now building millions of highly connected and semi‑autonomous vehicles, faced rapidly growing cybersecurity risks across cars, dealerships, suppliers and other systems. The scale and complexity of modern vehicle technology — plus practical barriers for outside researchers (for example, needing a car to test vehicle systems) — made it difficult to surface and remediate vulnerabilities quickly.

GM centralized its cybersecurity organization, created a VP of Global Cybersecurity and partnered with HackerOne, launching a public Vulnerability Disclosure Policy in January 2016 and later expanding to private bounties and Red Team lab access. By tapping 500+ researchers, GM has resolved 700+ vulnerabilities, accelerated remediation of high‑impact issues, extended protections to suppliers and dealerships, and established industry leadership in hacker‑powered security with strong executive support.

General Motors

Jeff Massimilla

Vice President Global Cybersecurity