How the Automotive Industry is Working with Hackers to Improve Security

© HackerOne | Privacy | Terms

Automotive News predicts that “virtually all vehicles will have some form of connectivity by 2020.” This is exciting and scary: how do you secure your vehicle from cyber attacks when you have a tangled web of proprietary and shared software, hardware, data, clouds, and more, all contributing to a vehicle’s risk profile?

This report goes through  just a few regulatory and industry bodies that have published guidance on engaging with cybersecurity researchers: 

  • The U.S. Department of Transportation encourages the auto industry to develop programs “for engaging with cybersecurity researchers as an additional tool for cyber threat identification and remedy.” 
  • The National Highway Traffic Safety Administration published “Cybersecurity Best Practices for Modern Vehicles,” which prods automakers to “consider creating their own vulnerability reporting/disclosure policies.”
  • Alliance of Automobile Manufacturers advocy group has promoted hackathons and been involved with the DEF CON and Black Hat conferences. 
  • The Association of Global Automakers, promotes hacker-powered security in their “Framework for Automotive Cybersecurity Best Practices,” 
  • Cybersecurity is in most, and should be in all, cases a boardroom issue” according to Faye Francy, Auto-ISAC Executive Director.  

This report will show you how to take the above guidance into action, being able to quickly reap the benefits of risk reduction and compliance by working with ethical hackers through HackerOne.


Why the US Department of Transportation recommends engaging with ethical hackers
How top automotive brands have created a way for external researchers to report vulnerabilities.
Why hackers have become an essential part of the General Motors security ecosystem. 
Tips and advice from Auto-ISAC on how to get started working with hackers today. 
The 2018 Hacker Report