CHICAGO — Hyatt Hotels Corporation has launched a public bug-bounty program with HackerOne. Through the program, ethical hackers are invited to test Hyatt websites and mobile apps for potential vulnerabilities and securely disclose them to Hyatt.
Though its partnership with HackerOne, Hyatt is able tap into the vast expertise of the security-research community to accelerate identifying and fixing potential vulnerabilities.
“At Hyatt, protecting guest and customer information is our top priority and launching this program represents an important step that furthers our goal of keeping our guests safe every day,” says Benjamin Vaughn, Hyatt’s Chief Information Security Officer.
Through the bug-bounty program, security researchers will be able to earn cash rewards for reporting valid security flaws on hyatt.com, m.hyatt.com, world.hyatt.com and the iOS and Android versions of the Hyatt mobile app. All ethical hackers that have agreed to HackerOne’s terms and conditions and adhere to disclosure guidelines are eligible to participate in this program.
“Bug-bounty programs are a proven method for advancing an organization’s cyber-security defenses, trusted by leading enterprises across industries,” says Marten Mickos, CEO, HackerOne. “In today’s connected society, vulnerabilities will always be present. Organizations like Hyatt are leading the way by taking this essential step to secure the data they are trusted to hold.”
