HackerOne has acquired PullRequest, a code-review-as-a-service platform. 

The deal was announced on Thursday. No financial details have been disclosed.

Recommends

The best security key

While robust passwords help you secure your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.

Read now

HackerOne is known for its bug bounty platform, a system for security researchers to privately disclose vulnerabilities in services and software to vendors in return for credit and financial rewards. 

However, the organization has also branched out into vulnerability management, cloud environment protection, and application security services. 

Customers include General Motors, GitHub, Google, Microsoft, and PayPal. 

Founded in 2017, PullRequest provides on-demand code reviews by engineers to thousands of organizations. By having more eyes on code before it goes too far down the production line, it is possible to catch vulnerabilities and errors early -- and before threat actors could potentially exploit them. 

Different languages and frameworks, including Go, Python, PHP, and JavaScript, are supported across web, mobile, and other platforms. 

The company previously raised$12.7 million in funding. 

According to HackerOne, the acquisition of PullRequest "builds upon HackerOne's focus on reducing [its] customers' attack resistance gap -the space between what organizations can defend and what they need to defend."

This "will ultimately help customers release trustworthy software faster by embedding expert security reviewers within their software development lifecycle," the company added. 

HackerOne CTO Alex Rice says that there is a shift occurring from reactive security -- finding and patching bugs after code has been published -- to a "developer-first" model that will attempt to eradicate vulnerabilities far sooner in software development cycles. 

Rice commented:

"Over 70% of organizations claim to integrate aspects of security earlier in development to minimize their attack resistance gap, yet less than 25% of security issues are found during development.

Clearly, something more is needed. We're bringing feedback from security experts to the developer workflow so they can quickly fix bugs and get back to building."

See also

• HackerOne expands Internet Bug Bounty project to tackle open source bugs
  
• Seven hackers have now made a million dollars each from bug bounties, says HackerOne
  
• It's time to stop hoping that cybersecurity problems will just go away
  

---

Have a tip?Get in touch securely via WhatsApp Signal at +447713 025 499, or over at Keybase: charlie0

---

Security

8 habits of highly secure remote workersHow to find and remove spyware from your phoneThe best VPN services: How do the top 5 compare?How to find out if you are involved in a data breach -- and what to do next

• 8 habits of highly secure remote workers
• How to find and remove spyware from your phone
• The best VPN services: How do the top 5 compare?
• How to find out if you are involved in a data breach -- and what to do next