Case Study: Priceline.com resolves 400+ vulnerabilities and strengthens customer trust with HackerOne

Priceline.com - Customer Case Study

Priceline, a global travel leader connecting millions of travelers with hotels, flights and rental cars, needed to safeguard large volumes of sensitive customer and payment data and keep pace with evolving attack techniques. To consolidate disparate researcher reports and strengthen customer trust, the company launched a public bug bounty program covering Priceline.com, PPN affiliate sites and mobile apps.

Priceline partnered with HackerOne so researchers’ submissions are triaged and validated externally, letting the security team focus on remediation. Since launch the program has driven continuous, global testing and early signals of new techniques—resulting in 400+ bugs resolved, 300+ rewarded reports, over $80,000 paid out (with rewards increased in response to results), and fixes for high-value issues such as remote code execution, logic flaws and mobile vulnerabilities.

Priceline.com

Matt Southworth

CISO