Market Overview

Zomato Boosts Cybersecurity Across Web and Apps With HackerOne


Leading Restaurant Search and Reservations Service Resolved Nearly
400 Security Vulnerabilities in 12 Months Thanks to Hackers

the global hacker-powered security leader, today announced that Zomato
— leading restaurant search and discovery service — has boosted security
of its web and mobile applications through its bug bounty program on
HackerOne. In the first 12 months of its public bug bounty program,
Zomato resolved nearly 400 security vulnerabilities to protect customers
and has surpassed $100,000 in bounties paid to ethical hackers. To mark
the program's successful anniversary, Zomato's security team also
awarded its top hacker a $1,500 bonus for his contributions over the
past year.

The India-based restaurant search and discovery service operates in 24
countries, including the United States, Australia, United Kingdom,
Canada, India, Turkey, UAE, Qatar, Portugal, South Africa, New Zealand,
and more. It's security team, lead by Prateek
, is tasked with protecting sensitive information for over 55
million monthly visitors and 2,000 employees.

Since launching its bug bounty program in July 2017, the company has
paid out over $100,000 to over 350 hackers for their efforts, all while
maintaining an average response time of 4 hours — 18 times faster than
the average managed program on HackerOne, placing Zomato among the most
responsive programs on the platform.

"We had one goal at the start of the bug bounty program, which was to
make Zomato more secure and with every single report resolved, we're
getting closer to this goal," said Tiwari. "The results over the past
year with HackerOne have been outstanding and have exceeded our
expectations. With help from the hacker community through the bug bounty
program, Zomato was also able to adjust internal processes and
standards, improve our performance and consistency at scale."

In recent months, Zomato's apps were added to the Google
Play Security Reward Program (GPSRP)
, providing an opportunity for
hackers to earn up to a $5,000 bonus for specific vulnerability types.
GPSRP is a bug bounty program offered by Google Play, in collaboration
with HackerOne and the developers of certain popular Android apps. It
recognizes the contributions of security researchers who invest their
time and effort in helping make apps on Google Play more secure.

To learn more about Zomato's bug bounty program, visit

About HackerOne

HackerOne is the #1 hacker-powered
security platform
, helping organizations find and fix critical
vulnerabilities before they can be exploited. More Fortune 500 and
Forbes Global 1000 companies trust HackerOne than any other
hacker-powered security alternative. The U.S. Department of Defense,
General Motors, Google, Twitter, GitHub, Nintendo, Lufthansa, Panasonic
Avionics, Qualcomm, Starbucks, Dropbox, Intel, the CERT Coordination
Center and over 1,000 other organizations have partnered with HackerOne
to resolve over 76,000 vulnerabilities and award over $32M in bug
. HackerOne is headquartered in San Francisco with offices
in London, New York, and the Netherlands.

For a comprehensive look at the industry based on the largest repository
of hacker reported vulnerability data, download the The
Hacker-Powered Security Report 2018

About Zomato

is a restaurant search and discovery app,
providing in-depth information for over 1 million restaurants across 24
countries and serves more than 50 million users every month. Zomato is
used by consumers globally to discover, rate, and review restaurants, as
well as create their own personal networks of fellow food enthusiasts
for trusted recommendations.

In addition to restaurant search and discovery, Zomato has expanded its
offering to– Online
, Table
, and subscription based programs like Zomato
, creating cutting-edge technology to connect restaurant
businesses and customers in ways that will revolutionise the restaurant

Download the Zomato app: iOS
· Android
· Windows

View Comments and Join the Discussion!