Skip to content

Case Study Technology/Software Industry

HackerOne Transforms Secure Coding Training Into a Developer‑Led Culture

Security Journey Case Study HackerOne Header

How a compliance‑driven program became a visible, energizing part of engineering life — powered by Security Journey.

Download The Case Study
Security Journey Case Study HackerOne Header

The Company

HackerOne is built on security — which meant its internal expectations for secure coding education were higher than simple compliance. Although the company had a training program in place, engagement lagged. Developers completed modules, but learning felt disconnected from real engineering work.

By partnering with Security Journey, HackerOne reframed training from a requirement into a visible, energizing part of engineering culture. The result: stronger participation, renewed curiosity, and a program that now scales across ~100 engineers and anchors onboarding, team identity, and continuous learning.

 

Region

North America

Number of Users

100

Company Size

Mid-Size

Industry

Cybersecurity / Software Technology

Compliance Requirements

SOC 2, ISO 27001, PCI

Case Study at a Glance

  1. The Challenge Training was compliant, but not engaging or meaningfully connected to everyday work.
  2. The Solution Reframed security education with clear structure, visibility, and developer-driven energy.
  3. The Impact Stronger engagement, more consistent participation, and a culture that celebrates security learning.

The Challenge

SJ Case Study HackerOne

  • Training technically met compliance requirements — but it wasn’t driving real learning.

  • Developers completed modules, but engagement was inconsistent.

  • Notifications triggered activity, but also frustration.

  • Training felt disconnected from day‑to‑day engineering

  • Engineers became better at “managing the system” than learning from it

HackerOne needed a program that strengthened skills, not just satisfied checkboxes.

The Solution

We're Here Every Step of the Way

Reframing Security Education

Instead of increasing pressure, HackerOne shifted the philosophy:

  • Focus on engagement, not enforcement

  • Make learning visible, social, and meaningful

  • Measure returning learners, not just completions

  • Build a developer‑centered experience

Structured Foundations

Security Journey provided a clear baseline of foundational paths across:

  • Web security

  • API security

  • AI/LLM security topics 

This created a shared starting point for ~100 engineers.

The Breakthrough: Visibility

Using Security Journey’s API, HackerOne built a Slack workflow that announced training completions.

The impact was immediate:

  • Progress became public

  • Engineers congratulated each other

  • Participation became social — even competitive

  • Training became part of team identity

What Our Customers Say

SecurityJourney_Testimonial_fin

I didn’t just get a platform. I got a partner who helped me make this work.

Martzen Haagsma, Security Engineer at HackerOne at Zoom

SecurityJourney_Testimonial_fin

Security Journey was collaborative with the team at Zoom to help understand our needs and how they could help us reach our goals. 

Robert Walker, Secure Software Development Lead at Zoom

SecurityJourney_Testimonial_fin

As an engineer, I love the hands-on problems! I think it's a really great challenge and also does a great job of making sure folks are paying attention. I'd highly recommend this.

Security Journey Customer, Information Technology

SecurityJourney_Testimonial_fin

I like to take up the HACKEDU training to brush-up my skills and the most liked part is the hint and explanation.

SecurityJourney Customer, IT Service Management Company

SecurityJourney_Testimonial_fin

Security Journey works in that you have to actually solve problems and code. I think that in terms of measuring the effectiveness, Security Journey is a fantastic product.

Robert Walker, Secure Software Development Leader at Zoom

SecurityJourney_Testimonial_fin

It's nice to be able to consume smaller segments of training without requiring me to block large time blocks.

Security Journey Customer, Health and Wellness Company

SecurityJourney_Testimonial_fin

When I was searching for a replacement to the Secure Code Warrior training, it was important that I find a provider who appreciated my business no matter how many developers I had. Security Journey welcomed my business, and even helped me create custom learning paths specific to my needs.​

Seth Strumph, CTO of Optimal Workshop

The Results

A Culture Shift, Not Just a Training Program

HackerOne saw clear, observable changes:

  • Participation became steady instead of deadline‑driven

  • Previously disengaged engineers returned to the platform

  • Managers supported learning time more easily

  • Security conversations increased across channels

  • Training became part of onboarding and engineering culture