Intercom + HackerOne
Connect Intercom and HackerOne to Keep Customer Support and Security on the Same Page
Automate the flow of security reports, bug disclosures, and customer communications between HackerOne and Intercom so your teams stay aligned and customers stay informed.
Why integrate Intercom and HackerOne?
Intercom and HackerOne handle two functions that rarely talk to each other — customer communication and security vulnerability management. When a researcher discloses a bug through HackerOne that affects end users, support teams in Intercom need timely, accurate information to answer customer questions with confidence. Integrating these two platforms through tray.ai means security findings, remediation timelines, and disclosure updates move cleanly between your security and support organizations instead of getting stuck in Slack threads.
Automate & integrate Intercom & HackerOne
Use case
Proactive Customer Notification on Vulnerability Disclosure
When a HackerOne vulnerability reaches a disclosed or resolved state, automatically trigger an Intercom message to affected customer segments. Customers hear about security issues that may impact their data or usage before they need to ask.
Use case
Sync HackerOne Bug Reports as Intercom Internal Notes
Automatically push new and updated HackerOne vulnerability reports into relevant Intercom conversations as internal notes. Support agents handling related customer queries get instant context on severity, status, and expected resolution timelines without leaving Intercom.
Use case
Route Customer-Reported Security Issues to HackerOne
When a customer flags a potential security issue through an Intercom conversation, automatically create a structured HackerOne report and notify the security team. This closes the gap between customer-facing support and your formal vulnerability disclosure program.
Use case
Escalate Critical HackerOne Findings to Intercom Support Teams
For HackerOne reports classified as high or critical severity, automatically send an Intercom announcement or internal broadcast to your support team. Frontline agents get the heads-up they need to handle related customer inquiries consistently.
Use case
Track Vulnerability Resolution Status in Customer Conversations
When a HackerOne report moves from triaged to resolved, automatically update linked Intercom conversations with a resolution note or close them if the customer issue was security-related. Conversation records stay accurate without manual follow-up.
Use case
Aggregate Security Metrics into Intercom for Customer Success Reviews
Pull HackerOne program metrics — mean time to resolution, disclosure rates, bounty statistics — and surface them inside Intercom to enrich customer success conversations. When an enterprise customer asks about your security posture, you'll have real data ready.
Use case
Tag Intercom Users Affected by Specific Vulnerabilities
When a HackerOne report is resolved and a CVE is published, automatically tag affected users in Intercom based on product version, feature usage, or account type. Targeted follow-up messaging becomes straightforward, and customer success teams can prioritize outreach without digging through spreadsheets.
Get started with Intercom & HackerOne integration today
Intercom & HackerOne Challenges
What challenges are there when working with Intercom & HackerOne and how will using Tray.ai help?
Challenge
Keeping Support Teams Informed Without Breaching Security Disclosure Protocols
Security teams are often restricted in what vulnerability information they can share before a formal disclosure, making it hard to give support agents enough context without accidentally leaking sensitive details.
How Tray.ai Can Help:
tray.ai workflows can be configured to release only pre-approved, sanitized summaries to Intercom at specific HackerOne status milestones — triaged, resolved, or disclosed — so agents get the right information at the right time without exposure to raw vulnerability data.
Challenge
Mapping HackerOne Vulnerability Scope to Affected Intercom User Segments
Not every vulnerability affects every customer, and sending blanket security notifications can alarm people unnecessarily and erode trust. Pinpointing which Intercom users are actually impacted by a specific HackerOne report means cross-referencing product data that may live in multiple systems.
How Tray.ai Can Help:
tray.ai's data transformation and conditional logic let you enrich HackerOne report data with product metadata, then filter Intercom users by attributes like plan type, feature flags, or account region — so only genuinely affected customers receive security communications.
Challenge
Avoiding Duplicate Reports When Customers Report Security Issues via Intercom
When multiple customers report the same security issue through Intercom simultaneously, creating a HackerOne report for each conversation can produce dozens of duplicate submissions that overwhelm the security team and slow down triage.
How Tray.ai Can Help:
tray.ai workflows can include deduplication logic that checks HackerOne for existing open reports matching key attributes before creating a new one. When a match is found, the workflow links the Intercom conversation to the existing report and notifies the customer without adding noise for the security team.
Challenge
Handling Rate Limits and API Pagination Across Both Platforms
Both Intercom and HackerOne impose API rate limits, and bulk operations — notifying thousands of customers or querying large report histories — can quickly exhaust quotas if not managed carefully, leading to failed workflows and incomplete data syncs.
How Tray.ai Can Help:
tray.ai's built-in rate limit handling, retry logic, and pagination support automatically manage API throttling for both connectors. Workflows queue and batch requests intelligently, so data processing completes without manual intervention even during high-volume operations.
Challenge
Maintaining an Audit Trail Across Security and Customer Communication Events
Compliance and security teams often need a full audit trail showing exactly which customers were notified about a vulnerability, when, and with what message. Manually correlating Intercom message logs with HackerOne disclosure records is slow and easy to get wrong.
How Tray.ai Can Help:
tray.ai logs every workflow execution with full input and output data, giving you a tamper-evident record of every Intercom message triggered by a HackerOne event. Those logs can be exported to a data warehouse or SIEM, so compliance teams get a complete, queryable audit trail linking customer notifications directly to the originating vulnerability report.
Start using our pre-built Intercom & HackerOne templates today
Start from scratch or use one of our pre-built Intercom & HackerOne templates to quickly solve your most common use cases.
Intercom & HackerOne Templates
Find pre-built Intercom & HackerOne solutions for common use cases
Template
HackerOne Vulnerability Disclosed → Intercom Customer Notification
Automatically sends a targeted Intercom message to affected customer segments whenever a HackerOne vulnerability moves to disclosed status, so customers stay informed without manual effort from your security or support teams.
Steps:
- Trigger when a HackerOne report status changes to 'disclosed'
- Extract vulnerability details including severity, affected product area, and remediation summary
- Identify affected Intercom user segments based on product usage or account metadata
- Send a personalized Intercom message or announcement to matched users
- Log the outreach back to the HackerOne report as an activity note
Connectors Used: HackerOne, Intercom
Template
New HackerOne Report → Intercom Internal Agent Note
Pushes a structured internal note into relevant Intercom conversations whenever a new HackerOne report is submitted, so support agents have immediate awareness of emerging security issues that may explain what customers are reporting.
Steps:
- Trigger when a new report is submitted to a HackerOne program
- Parse report fields including title, severity, CVSS score, and current status
- Search Intercom conversations for keywords or tags related to the affected feature
- Add a formatted internal note to matched conversations with vulnerability details and a link to the HackerOne report
Connectors Used: HackerOne, Intercom
Template
Intercom Security Conversation → New HackerOne Report
Watches incoming Intercom conversations for security-related keywords and automatically creates a structured HackerOne vulnerability report, routing the issue to the right program for formal triage and remediation.
Steps:
- Trigger when a new Intercom conversation is tagged or classified as security-related
- Extract relevant details from the conversation including the customer's description and any attachments
- Create a new structured report in the appropriate HackerOne program with pre-populated fields
- Reply to the customer in Intercom confirming receipt and providing a reference number
- Notify the security team via HackerOne's internal messaging
Connectors Used: Intercom, HackerOne
Template
Critical HackerOne Report → Intercom Team Broadcast
Automatically broadcasts an internal Intercom alert to your support team whenever a critical or high-severity HackerOne report is triaged, so agents are ready to handle related customer inquiries before they escalate.
Steps:
- Trigger when a HackerOne report is triaged with a severity rating of High or Critical
- Generate a concise internal briefing including affected area, interim customer guidance, and expected SLA
- Post the briefing as an Intercom announcement visible only to support agents
- Update the HackerOne report with a timestamp confirming support team notification
Connectors Used: HackerOne, Intercom
Template
HackerOne Report Resolved → Close Related Intercom Conversations
When a HackerOne vulnerability is marked resolved, this template automatically finds linked Intercom conversations and either closes them with a resolution note or sends the customer a follow-up confirming the fix.
Steps:
- Trigger when a HackerOne report status changes to 'resolved'
- Look up Intercom conversations tagged or linked to the specific vulnerability ID
- Add a resolution note to each matched conversation with fix details and any recommended customer action
- Optionally close or snooze resolved conversations to keep the support queue clean
Connectors Used: HackerOne, Intercom
Template
Weekly HackerOne Program Summary → Intercom CSM Digest
Generates a weekly digest of HackerOne program activity — new reports, resolution rates, bounty payouts — and delivers it as an Intercom note or message to customer success managers so they're prepared for client conversations.
Steps:
- Trigger on a weekly schedule
- Query HackerOne API for program stats over the past seven days
- Compile metrics into a formatted summary including open reports, mean time to resolve, and severity breakdown
- Deliver the digest as an internal Intercom note or proactive message to CSM team members
Connectors Used: HackerOne, Intercom