Bug bounty and penetration testing startup HackerOne has raised $49 million at Series E following a year of massive cloud adoption fueled by work-from-home orders.
The company — which mediates between hackers finding security issues and companies keen to fix them — said its recent growth was driven by a rise in zero-day vulnerabilities like the flaw in the ubiquitous open source logging platform Log4j, which put the internet on notice ahead of the December holiday. The number of cloud misconfigurations that can lead to exposed systems or user data doubled in the past year, the company said.
The company said it has identified over 17,000 high or critical vulnerabilities over the past year that otherwise could have resulted in compromise, with over 2,000 vulnerabilities dropped in December following the disclosure of the Log4j bug.
HackerOne CEO Marten Mickos said as attack surfaces grow, companies and governments have “never been so exposed.”
The company said it plans to use the funding to invest in research and development and to expand its go-to-market efforts.
The $49 million Series E puts the total amount raised by HackerOne at close to $160 million since the company’s founding in 2012. The round was led by GP Bullhound, with participation from existing investors Benchmark, NEA, Dragoneer Investment Group, and Valor Equity Partners.
Since launching in 2012, HackerOne provides its bug bounty offering to customers including U.S. Department of Defense, Google, Dropbox, Microsoft, and Twitter.