Case Study: Riot Games strengthens game security and uncovers critical vulnerabilities with HackerOne

Why Riot Games Pays Hackers to Break Them

Riot Games, maker of League of Legends, needed a reliable way to find and fix security vulnerabilities before malicious actors could exploit them. Facing the reality that unknown bugs are the biggest risk, Riot sought a proactive, scalable approach to protect its players and services.

Riot partnered with HackerOne to run a bug bounty program that treats researchers with clear rules, respect, and simple processes. The program has paid out more than $1 million — including awards over $10,000 for serious findings — and has strengthened Riot’s security posture by bringing vetted, motivated researchers into its security ecosystem.

Riot Games

David Rook

Product Lead of Application Security