HackerOne has launched an integration with Wiz, now part of Google Cloud, aimed at helping enterprises better identify and address exploitable vulnerabilities across cloud and AI environments.
The integration brings HackerOne findings into Wiz’s cloud and AI security platform, combining validated vulnerability data with cloud asset information so security teams can more easily determine which issues require immediate attention.
The announcement comes as organizations continue to face larger volumes of security findings tied to cloud infrastructure and AI systems. HackerOne said vulnerability submissions on its platform rose 76% year over year in March, while remediation rates declined significantly over the same period.
Under the integration, findings from HackerOne bug bounty, vulnerability disclosure, pentesting, and AI red teaming programs are connected to Wiz’s Security Graph and Attack Surface Management capabilities. The companies said the setup allows organizations to see how validated vulnerabilities relate to infrastructure, identities, and sensitive data within cloud environments.
“Context is what turns security findings into meaningful action,” said Oron Noah, VP Product, Extensibility & Partnerships at Wiz. “Through our partnership with HackerOne, customers can bring validated exploitability into the broader context of their cloud environments. The integration helps teams focus on the biggest risks so they can prioritize remediation with greater clarity and confidence.”
HackerOne said the integration is part of its PartnerOne Technology Alliance Program, which is designed to connect tools involved in vulnerability discovery and remediation workflows.
“PartnerOne is built around a simple idea: customers get stronger security outcomes when the tools they rely on work better together,” said John Addeo, VP of Global Channels, HackerOne. “Our partnership with Wiz reflects that mission by bringing validated risk into the cloud security workflows teams already use. Together, we’re helping teams close the gap between discovery and remediation by moving from reactive vulnerability management to proactive exposure reduction.”
The companies said the integration can help organizations assess the reach of exploitable vulnerabilities, prioritize findings backed by exploit evidence, and improve coordination between security and cloud operations teams.
