Connectors / Integration
Connect HackerOne and Slack to Speed Up Vulnerability Response
Get bug bounty alerts and security report updates straight into your team's Slack channels.
HackerOne + Slack integration
HackerOne is the world's leading bug bounty and vulnerability disclosure platform. Slack is where most security teams actually work. When a critical vulnerability comes in, every minute of delay adds risk — and if your engineers are checking a separate dashboard to find out about it, that's a problem. Connecting HackerOne with Slack through tray.ai replaces manual dashboard monitoring with automated notifications and workflows, so your security engineers, triage teams, and stakeholders hear about issues the moment they land.
Security teams live in Slack, but vulnerability reports live in HackerOne — and that gap is where response time gets lost. Without an automated connection between the two, triage teams end up context-switching constantly, polling dashboards, and manually relaying updates to engineers and management. Connecting HackerOne with Slack through tray.ai means new report submissions, severity escalations, bounty awards, program status changes, and hacker communications show up in the right Slack channels, in front of the right people, immediately. It cuts response latency, keeps DevSecOps, engineering, and compliance in sync, and builds a faster, more accountable remediation culture. Whether you're running a private program or a public bug bounty, no critical finding slips through unnoticed.
Automate & integrate HackerOne + Slack
Automating HackerOne and Slack business processes or integrating data is made easy with Tray.ai.
Use case
Instant Critical Vulnerability Alerts
When a new HackerOne report comes in with a critical or high severity rating, tray.ai posts a detailed alert to your designated security Slack channel automatically. The message includes the report title, severity, affected asset, and a direct link for immediate triage. Your fastest responders are engaged within seconds of a report landing.
- Reduce mean time to respond (MTTR) for critical vulnerabilities
- Stop engineers from having to manually monitor HackerOne inboxes
- Get the right on-call engineers looped in immediately via Slack mentions
Use case
Report Status Change Notifications
As HackerOne reports move through triage — from new to triaged, needs more info, resolved, or closed — tray.ai pushes status updates into Slack threads or dedicated channels. Teams always know where each finding stands without leaving Slack. The constant back-and-forth of status check-ins between security and engineering largely disappears.
- Keep engineering and product teams informed of remediation progress in real time
- Cut down on manual status update emails and Slack messages from security leads
- Build a searchable audit trail of vulnerability lifecycle events in Slack
Use case
Bounty Award and Hacker Communication Updates
When a bounty is awarded or a hacker comment needs a response, tray.ai sends a Slack notification to program managers so nothing gets missed. Responding to researchers quickly matters for program reputation and hacker engagement — automating these nudges means your team stays on top of it without relying on memory or manual checks.
- Improve researcher satisfaction by responding to comments faster
- Alert program managers when bounty approvals are pending review
- Keep your HackerOne program health score up through timely engagement
Use case
Daily or Weekly Vulnerability Program Digests
tray.ai can compile a scheduled digest from HackerOne — covering new submissions, open reports by severity, resolved findings, and total bounties paid — and post it to a Slack channel for leadership and security managers. No more manual reporting. Stakeholders stay informed without attending dedicated status meetings.
- Give security leadership regular program health snapshots without manual effort
- Drive accountability by surfacing aging open reports in recurring Slack digests
- Support board-level security reporting with automatically compiled metrics
Use case
Coordinated Incident Response Threads
When a HackerOne report is escalated to an active incident, tray.ai can automatically create a dedicated Slack channel, invite relevant stakeholders, and post all known report details to kick off a coordinated response. The right people are assembled and informed from the moment an incident is declared — no scrambling to share context across scattered messages.
- Speed up incident response by auto-assembling the right team in Slack
- Put all vulnerability context in a single Slack thread from the start
- Reduce coordination overhead during high-stress security incidents
Use case
New Program Scope or Policy Change Announcements
When your HackerOne program scope changes — new assets added, rules of engagement updated, or a program moving from private to public — tray.ai broadcasts those changes to relevant internal Slack channels automatically. Keeping engineering, legal, and security aligned on scope prevents unauthorized testing and compliance gaps. Automated announcements mean critical policy updates don't get buried.
- Instantly inform all stakeholders when HackerOne program scope changes
- Reduce the risk of out-of-scope testing caused by miscommunication
- Create a consistent internal communication process for program governance
Challenges Tray.ai solves
Common obstacles when integrating HackerOne and Slack — and how Tray.ai handles them.
Challenge
High Volume of Reports Creating Slack Noise
Active bug bounty programs can receive dozens of submissions a day, and forwarding every HackerOne report to Slack will bury channels in low-signal notifications, causing alert fatigue and training teams to ignore them.
How Tray.ai helps
tray.ai's workflow logic lets teams apply conditional filters — routing only critical and high-severity reports to urgent channels, medium reports to a triage queue channel, and informational submissions to a low-priority digest. Slack notifications stay actionable rather than becoming background noise.
Challenge
Keeping Slack Messages in Sync with Evolving Report Status
HackerOne reports change state frequently as they move through triage, and a static Slack notification goes stale fast, leaving team members acting on outdated information.
How Tray.ai helps
tray.ai stores Slack message timestamps and uses them to post threaded replies whenever a HackerOne report status changes, keeping all updates organized under the original alert without cluttering the main channel.
Challenge
Routing Notifications to the Right Teams and Channels
Large organizations have multiple teams — AppSec, InfraSec, DevOps, Legal, and Executive — who each need different levels of detail about HackerOne reports. A single generic Slack notification doesn't serve any of them well.
How Tray.ai helps
tray.ai's branching and routing logic inspects report metadata like affected asset type, severity, and program to determine which Slack channels and user groups receive each notification, so the right message reaches the right audience without manual intervention.
Templates
Pre-built workflows for HackerOne and Slack you can deploy in minutes.
New HackerOne Report to Slack Channel Alert
HackerOne 
Slack Automatically posts a formatted Slack message to a security channel whenever a new report is submitted to HackerOne, including severity, affected asset, report summary, and a direct link to the report.
Critical and High Severity HackerOne Reports to Slack with On-Call Mention
HackerOne Slack Filters incoming HackerOne reports by severity and sends an urgent Slack alert with an @mention of the on-call security engineer for all critical and high-severity findings.
HackerOne Report Status Updates to Slack Thread
HackerOne Slack Tracks HackerOne report lifecycle changes and automatically posts status updates into a Slack thread tied to the original report alert, keeping all communication in one place.
Weekly HackerOne Program Summary Digest to Slack
HackerOne Slack Runs on a schedule to query HackerOne for the week's report activity and posts a structured digest to a Slack channel, covering new submissions, resolutions, average severity, and bounties paid.
HackerOne SLA Breach Monitor with Slack Escalation
HackerOne Slack Periodically checks all open HackerOne reports for SLA compliance and sends Slack notifications to triage leads when reports are nearing or past their response deadlines.
HackerOne Incident Escalation to Dedicated Slack Channel
HackerOne Slack When a HackerOne report is marked as a confirmed high-impact incident, tray.ai automatically creates a dedicated Slack channel, invites relevant stakeholders, and populates it with all known report details to start a coordinated response.
How Tray.ai makes this work
HackerOne + Slack runs on the full Tray.ai platform
Intelligent iPaaS
Integrate and automate across 700+ connectors with visual workflows, error handling, and observability.
Learn more →Agent Builder
Build AI agents that read, write, and take action in HackerOne and Slack — with guardrails, audit, and human-in-the-loop.
Learn more →Agent Gateway
Expose HackerOne + Slack actions as governed MCP tools — observable, rate-limited, authenticated.
Learn more →Ship your HackerOne + Slack integration.
We'll walk through the exact integration you're imagining in a tailored demo.