Case Study: Upserve resolves 85+ bugs and strengthens customer data security with HackerOne

Upserve Resolves Over 85 Bugs in Two Years Thanks to Hackers

Upserve is a cloud restaurant management platform used by over 10,000 restaurants to run POS, payments and guest services, so protecting payment cards and sensitive customer and business data is critical. To formalize vulnerability disclosures and broaden engagement beyond ad‑hoc reports, Upserve partnered with HackerOne to launch a bug bounty program that taps external security researchers for diverse testing perspectives.

After transitioning from a private to a public program, Upserve resolved more than 85 valid vulnerabilities in two years and paid $68,000 in bounties; public disclosures further increased hacker participation and unearthed new issues. The program now complements internal code reviews, threat modeling and pentesting, helping Upserve harden designs, improve its SDLC and strengthen overall customer trust.

Upserve

Bryan Brannigan

Information Security Officer