Case Study: Qualcomm achieves stronger product security and faster vulnerability discovery with HackerOne

Qualcomm - Customer Case Study

Qualcomm, a leading maker of processors, modems and wireless silicon used across smartphones and IoT devices, faced the challenge of securing components that appear inside many manufacturers’ products—making it difficult for researchers to attribute and report vulnerabilities. To do bug bounties right they also needed a mature incident‑response process, an established secure development lifecycle, and tight internal alignment across engineering, legal and executive teams.

Qualcomm partnered with HackerOne to run a private, invitation‑only vulnerability rewards program that engages trusted researchers, emphasizes direct communication and rapid response, and feeds findings back into gap analyses and their secure development lifecycle. In the program’s first three months Qualcomm received high‑quality reports, paid about $80,000 in rewards, reduced noise from out‑of‑scope submissions, and used researcher feedback to improve product security.

Qualcomm

Alex Gantman

Vice President, Engineering