Hyatt Hotels recently launched its first bug bounty program at HackerOne, the company that has been working with the Singapore government to strengthen collaboration with the cybersecurity industry and community. The objective was test cyberdefences at the hotel chain which plays host to not only millions of guests, but their data as well.
According to Hyatt’s Chief Information Security Officer (CISO) Benjamin Vaughn, the company’s cybersecurity department is consistently identifying new ways to build on their existing security protocols. This led them to a bug bounty program which the company feels is best able to tap into the expertise of the security research community.
“Following the recommendations of HackerOne, Hyatt ran an invitation-only version of the program for some time. We were very pleased with the results of the private program and this helped inform our decision to launch the program publicly,” said Vaughn.
Hyatt opened a few avenues of challenge for the bug bountry program, namely Hyatt.com, world.hyatt.com, Hyatt mobile app (iOS and Android versions), and m.hyatt.com. Those interested in the scope of the challenge can find more information here.
HackerOne was chosen by Hyatt following a review of the bug bounty marketplace and also an evaluation of a self-run program. HackerOne was chosen for its robust platform, integration possibilities and clear rating system for vulnerabilities.
Bug Bounty programs have been increasing in popularity in highly developed countries as corporates and governments attempt to beef up cybersecurity. HackerOne also recently ran a bug bounty program with the Singapore government which has been moving towards building a secure and resilient Smart Nation.