HackerOne

hackerone is a vulnerability coordination and bug bounty platform that enables organizations to connect with a vast community of cybersecurity researchers to identify and resolve security vulnerabilities hackerone is a leading security platform that specializes in hacker powered security through bug bounty programs and vulnerability disclosure the hackerone connector for swimlane turbine enables users to automate the retrieval of detailed analytics data from hackerone, providing insights into vulnerability trends, hacker activity, and program effectiveness within specified timeframes and intervals by integrating with hackerone, swimlane turbine users can streamline their vulnerability management processes, enhance their security posture by leveraging real time data, and make informed decisions based on comprehensive security metrics this connector simplifies the process of fetching and analyzing security data, allowing users to focus on strategic response and proactive defense limitations none to date supported versions this hackerone connector uses the latest version api additional docs hackerone api documentation link https //api hackerone com/hackerone authentication link https //api hackerone com/getting started/#getting startedgenerate api token link https //docs hackerone com/en/articles/8544782 api tokens configuration prerequisites to utilize the hackerone connector within swimlane turbine, ensure you have the following prerequisites http basic authentication with the following parameters url the endpoint url for the hackerone api username your hackerone account username api key a valid api key generated from your hackerone account for authentication purposes authentication methods http basic authentication the hackerone connector uses the http basic authentication method to connect to the hackerone api to set up http basic authentication, you need the following parameters username the api token identifier used as username for authentication password the api token value used as the password for authentication url the base url of the hackerone api capabilities this hackerone connector provides the following capabilities query analytics query analytics hackerone's documentation for this action can be found here https //api hackerone com/use cases/#program analytics configurations hackerone basic auth authenticates using username and password configuration parameters parameter description type required url a url to the target host string required username the api token identifier used as username for authentication string required password the api token value used as the password for authentication string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions query analytics retrieve analytics data for a specified key within a given time range and interval from hackerone endpoint url v1/analytics method get input argument name type required description key string required filter by the query key you want to fetch data for start at string required the start date of the query as a string, inclusive format yyyy mm dd end at string required the end date of the query as a string, exclusive format yyyy mm dd interval string required the interval to use for the input date range valid intervals are month, quarter, or year team id string optional filter by a team/program id if no team id is provided, then data will be for all teams/programs in the organization organization id string optional filter by an organization id output parameter type description status code number http status code of the response reason string response reason phrase data array response data keys array output field keys values array value for the parameter 0 string output field 0 1 string output field 1 example \[ { "status code" 200, "reason" "ok", "json body" { "data" \[] } } ]