A read-only public-posture snapshot. We hit hackerone.com the way any anonymous visitor would, recorded what came back, and graded it against modern best practices. This is not a pen test — it covers maybe 5% of what a real assessment would look at. If you own this domain and want the other 95%, the free scan is below.
Across 183 publicly-known SaaS targets we've snapshotted, 36% sit at grade A, and 0% score higher. The grade is absolute, not relative — but seeing where peers cluster makes it concrete.
Surface posture looks clean at this depth. Real attacks usually live deeper.
The full free scan runs ~600 nuclei templates against hackerone.com, checks the authenticated TLS surface, audits headers and DNS, and emails you a PDF with prioritized findings + fix instructions. Three minutes, no signup.
Run the free scan →This snapshot is a public read-only view, like loading the site in a browser. We did not run vulnerability templates, did not test authenticated endpoints, did not attempt to bypass any controls. The data shown is observable by anyone with curl. If you own hackerone.com and want this page removed or refreshed, email security@thecybergrid.com.