HackerOne Integration

Overview

Consolidate your bug bounty vulnerability reports and program scopes from HackerOne directly into the Praetorian Guard platform — bridging the gap between crowdsourced security testing and your continuous attack surface management.

What It Does

Connect your HackerOne account to automatically import vulnerability reports as risks and program scopes as discovery seeds. The integration pulls reports from every bug bounty program your API credentials can access, maps HackerOne severity and state to Praetorian Guard risk classifications, and imports in-scope assets so your security team has a single source of truth.

Key Benefits

• Unified Risk View - Bug bounty vulnerabilities appear alongside scanner findings and manual assessments in one risk inventory

• Automatic State Mapping - HackerOne report states (triaged, resolved, not-applicable) map directly to Praetorian Guard risk statuses, keeping everything in sync

• Severity Preservation - CVSS scores, CWE classifications, and severity ratings carry through from HackerOne to your risk records

• Scope-to-Seed Conversion - In-scope URLs, domains, IPs, and CIDRs from your HackerOne program automatically become discovery seeds, ensuring your attack surface monitoring covers the same targets researchers are testing

• Rich Context - Each imported risk includes the vulnerability description, impact assessment, reporter, and report metadata as proof artifacts

How to Get Started

1. Navigate to Integrations and select HackerOne

2. Enter your HackerOne API identifier and API token

3. Save — reports from all accessible programs are imported as risks, and eligible scopes become discovery seeds

Requirements

• HackerOne account with API access enabled

• API identifier and API token with report and program scope read permissions