HackerOne’s Hai accelerates vulnerability validation by 75% with Claude
Industry:
Cybersecurity
Company size:
Medium
Product:
AI Platform
Location:
North America
75% faster validation
Reduces vulnerability validation time from 20 minutes to 5 minutes per report
30-second insights
Delivers actionable security insights in as little as 30 seconds
The problem
The solution
“By combining AI with the expertise of our global researcher community, we’re accelerating remediation and reducing risk at scale.”
Chief Product Officer
HackerOne, a leading cybersecurity platform that enables Continuous Threat Exposure Management (CTEM), helping organizations shift from periodic testing to continuous, risk-based validation of their attack surface. The platform combines AI with the ingenuity of security researchers to find and eliminate security, privacy, and AI vulnerabilities across the software development lifecycle.
To accelerate these processes, HackerOne launched Hai, an agentic AI system helping security teams act faster, fix smarter, and reduce risk at scale.
With Claude, Hai:
- Reduces vulnerability validation time by 75%, from 20 minutes to 5 minutes per report
- Delivers actionable security insights in as little as 30 seconds
- Cuts coordination time between security and development teams by 20-30%
- Processes and analyzes patterns across one of the world's largest vulnerability datasets
Increased risk demands a new approach
Organizations today face increasingly sophisticated attacks. Security teams are overwhelmed by high report volumes, duplicate vulnerabilities, and the need to turn findings into actionable fixes, all while racing against adversaries who evolve daily.
HackerOne evaluated Claude to explore how large language models (LLMs) could help solve long-standing challenges across offensive security. With over a decade of experience and one of the world’s largest repositories of vulnerability data, HackerOne recognized the opportunity for LLMs to map patterns across findings, prioritize the exposures that matter most, and drive faster risk reduction, something traditional tools struggle to do at scale.
Selecting Claude for security-critical workflows
HackerOne chose Claude to power Hai for its ability to deliver advanced reasoning, contextual analysis, and a strong security foundation. These capabilities support continuous, security-specific workflows analyzing exposures, prioritizing what matters, and accelerating remediation with accuracy and trust.
"By combining the power of Anthropic’s Claude with our unmatched dataset of vulnerabilities, we’re showing what the future of AI for security can look like—faster, smarter, and above all, more trustworthy,” said Nidhi Aggarwal, Chief Product Officer at HackerOne. “This is about more than speeding up workflows; it’s about setting a new standard for how enterprises can embrace AI confidently and securely.”
The implementation leveraged Amazon Web Services (AWS) through Amazon Bedrock, enabling an integration into the existing HackerOne AWS environment. This approach accelerated deployment while ensuring alignment with the company’s security and compliance requirements.
Hai transforms threat exposure management with Claude
Hai, integrated with Claude, supports critical tasks from discovery to remediation:
- Report interpretation and analysis: Processes complex technical reports and identifies potential duplicates automatically
- Executive summarization: Generates clear, actionable summaries for stakeholders at all levels
- Contextual guidance: Delivers recommendations tailored to each customer's environment, policy, and historical data
- Pattern recognition: Analyzes findings across HackerOne's vast dataset to spot emerging threats and trends
- Workflow acceleration: Streamlines triage, prioritization, and remediation processes
As a result, Hai helps teams prioritize risk more accurately and communicate findings clearly, combining human-in-the-loop validation and secure-by-design principles without compromising data privacy or program integrity.
Beyond speed improvements, Hai has transformed team collaboration. It streamlines report writing by improving structure, clarity, and completeness for researchers, making it easier to submit high-quality findings across multiple programs. This improvement in report quality creates a virtuous cycle: better reports lead to faster validation, which leads to quicker fixes.
"HackerOne’s mission has always been to build a safer internet. AI is transforming the way organizations innovate, and security must move just as quickly,” said Aggarwal. “By combining AI with the expertise of our global researcher community, we’re accelerating remediation and reducing risk at scale.”
Shaping the future of secure AI development
The partnership between HackerOne and Anthropic extends beyond technology integration. It represents a shared commitment to advancing secure, responsible AI.
"As I look forward to the next few years, Anthropic and HackerOne will continue to work together to try and secure the deployment of what will be one of the most transformative things since maybe the Industrial Revolution: AI," said Jason Clinton, Deputy CISO at Anthropic.
Video caption
Video caption
“By combining AI with the expertise of our global researcher community, we’re accelerating remediation and reducing risk at scale.”
Chief Product Officer
Video caption