Your bug bounty program just got a direct line into Chariot. We are excited to announce our new HackerOne integration, bringing vulnerability reports and program scopes into your unified attack surface view — automatically.

Once connected, Chariot pulls in every vulnerability report from your HackerOne programs and maps them directly to risks in your environment. Severity ratings, CVSS scores, CWE classifications, report states, and researcher details all come through intact. No more toggling between platforms to get the full picture. And as reports move through HackerOne workflow — from triage to resolution — Chariot stays in sync, so your risk posture is always current.

But it does not stop at vulnerabilities. The integration also imports your HackerOne program scopes — domains, URLs, IP addresses, and CIDR ranges — as seeds in Chariot. That means the same assets your bug bounty researchers are testing are now under continuous discovery and monitoring. Nothing slips through the cracks between your external testing program and your internal attack surface management.

Getting started takes minutes. Head to the Integrations page in Chariot, select HackerOne, enter your API credentials, and data starts flowing immediately.