Expedited security research meets the
industry leading vulnerability reporting platform
From the early contributions to the Apache Maven project to the
The Central Security Project is a partnership between Sonatype and HackerOne. Bringing Sonatype's superior data research capabilities together with HackerOne's unique reporting platform, we are simplifying the vulnerability reporting process and allowing developers and security researchers to resolve issues faster than ever.
HackerOne was started by security leaders who are driven by a passion to make the internet safer. Their platform is the industry standard and they partner with the global hacker community to surface the most relevant security issues before they can be exploited by criminals.
Combining our strengths provides the developer and research communities with the power to accelerate vulnerability fixes and a peaceful resolution to a frustrating problem.
Central Security Project + HackerOne = reducing the open source code risk worldwide.