Mercado
Libre’s
Journey
to a Public
Bug Bounty
Program
The Digital Economy’s Impact
On Your Attack Surface
- Mercado Libre, host of the largest online commerce and payments
ecosystem in Latin America, first engaged HackerOne in 2017 to ensure they
could meet critical security objectives such as delivering secure software
fast enough to meet growing market demand and improving production
security across the software development lifecycle (SDLC). Mercado Libre
started with two private programs, HackerOne Bounty and HackerOne
Response, and also leveraged HackerOne Triage as they began their
journey into the powerful world of ethical hacker engagements.
-
Six years later, the team at HackerOne is delighted to announce the launch
of Mercado Libre’s Public Bug Bounty Program. After six years of private VDP
and Bug Bounty, Alejandro Federico Iacobelli, Application Security Director
at Mercado Libre, offers many practical insights and learnings from his
programs.
- Leading up to this latest milestone in Mercado Libre’s security journey,
Iacobelli shared his written reflections on the early days of their
crowdsourced security program, how they continue to improve their
program and SLAs, the importance of the relationship between his team
and the hacker community, and why he’s taking his program public now
- We’re excited to share Iacobelli’s learnings with other current and future
bug bounty program leaders, as well as introduce Mercado Libre’s public
program to the global hacker community.
I will receive information, tips, and offers about Office and other
Technology Trends products
and services. Privacy
Statement.
White Paper from
Technology Trends
* - marks a required field