Priceline.com (“priceline”), a world leader in online travel deals,
today announced the expansion of its public bug bounty program with HackerOne,
the global leader in hacker-powered security. Priceline has been
operating this program on an exclusive invitation-only basis, and its
success has prompted the travel leader to expand and publicize it, as
well as to boost its incentives.
Through its bug bounty program, priceline has enhanced its comprehensive
cybersecurity strategy by inviting trusted hackers to identify potential
security weaknesses on its e-commerce site. For qualifying security
vulnerabilities, priceline offers monetary awards to thank hackers for
their contributions to its security. As of 2019, priceline raised the
amount of those rewards.
Priceline joins organizations including the U.S. Department of Defense,
Google, Hyatt, Starbucks, Shopify, and others who partner with HackerOne
and the largest hacker community on the planet to surface
vulnerabilities through bug bounty programs.
“Cybersecurity is of critical importance to priceline,” said Matt
Southworth, Chief Information Security Officer at priceline. “This is
why we are enhancing this essential layer of protection with our
expanded bug bounty program. Above all else, we prioritize protecting
the information our customers entrust us with. We have been processing
online transactions for twenty years and customers continue to trust us
with that information. We take that responsibility very seriously.”
Through the bug bounty program, some of the world’s best and aspiring
hackers are invited to identify and report potential security weaknesses
on priceline platforms specifically outlined in the bug bounty program scope.
“Priceline’s customers expect to book the best travel deals with
confidence,” said Marten Mickos CEO HackerOne. “Located in more than 150
countries, the world’s largest hacker community is on their team and
analyzing this same network for security weaknesses. Bug bounty programs
are a proven method for enhancing cybersecurity, and the expansion of
priceline’s program demonstrates the company’s continued commitment to
the latest cybersecurity best practices.”
This program is one element of the extensive strategy priceline has put
in place to safeguard customer data, setting a standard for leveraging
the latest and most innovative approaches to doing so.
Anyone who finds a potential vulnerability in qualifying priceline
domains can report it through the HackerOne program by visiting https://hackerone.com/priceline.
For more information on why Priceline.com works with hackers to reduce
risk, join Matthew Southworth, CISO of Priceline in a live webinar on
April 23 at 10:00 am PT. Register here: https://www.hackerone.com/events/webinar/to-bounty-or-not-to-bounty.
HackerOne is the #1 hacker-powered
security platform, helping organizations find and fix critical
vulnerabilities before they can be exploited. More Fortune 500 and
Forbes Global 1000 companies trust HackerOne than any other
hacker-powered security alternative. The U.S. Department of Defense,
General Motors, Google, Twitter, GitHub, Nintendo, Lufthansa, MINDEF
Singapore, Panasonic Avionics, Qualcomm, Starbucks, Dropbox, Intel, the
CERT Coordination Center and over 1,300 other organizations have
partnered with HackerOne to find over 120,000 vulnerabilities and award
over $51M in bug
bounties. HackerOne is headquartered in San Francisco with offices
in London, New York, the Netherlands, and Singapore.
part of Booking Holdings Inc. [NASDAQ: BKNG], is a world leader in
travel deals. Priceline offers exclusive discounts on hotels, flights,
rental cars, cruises and packages. We offer more than a million lodging
properties, helping travelers find the right accommodations at the right
price. We negotiate great deals every day, and put our best pricing on
the priceline app. With free cancellation for many rates, 24-hour
customer assistance and the option for both pre-paid and pay upon
arrival reservations, priceline helps millions of travelers be there for
the moments that matter. For us, every trip is a big deal.