HackerRank - Trust Center - Security & Privacy

Founded in 2011

HackerRank recognises that the confidentiality, integrity and availability of information and data created, maintained and hosted by us are vital to the success of the business and privacy of our partners.

As a service provider/product, we understand the importance in providing clear information about our security practices, tools, resources and responsibilities within HackerRank so that our customers can feel confident in choosing us as a trusted provider.

This Security Posture highlights high-level details about our steps to identify and mitigate risks, implement best practices, and continuously develop ways to improve.

Founded in 2011

Compliances

SOC 2

Compliant

ISO 27001 v2022

Certified

GDPR

Compliant

CSA Star

Compliant

VAPT

Compliant

ISO 42001 v2023

In progress

AI Security Posture

Cost model

Hybrid

Human-in-loop

Yes

Stability

99.5%

Training on customer data

No training

Data retention

30 days

Sprinto AI

Controls

Product security

Audit Logging

Data Security

Team Management

Data security

Access Monitoring

Backups Enabled

Encryption at Rest

Network security

Firewall

IDS/IPS

Spoofing Protection

App security

Bug Bounty

Code Analysis

Credential Management

Endpoint security

Disk Encryption

Mobile Device Management

Corporate security

Email Protection

Employee Training

Incident Response

Resources

Data Retention Policy

Policy

Confidentiality Policy

Policy

Access Control Policy

Policy

Vendor Management Policy

Policy

Encryption Policy

Policy

Data Backup Policy

Policy

Updates

Linux Kernel "Copy Fail" Vulnerability (CVE-2026-31431)

May 6, 2026

We have reviewed CVE-2026-31431 and assessed its impact on our environment.

This vulnerability requires local user access to be exploited. Our production infrastructure is provisioned and managed entirely through Terraform (Infrastructure-as-Code), and we do not provision local user accounts on our servers or permit interactive local access. As a result, the practical exploitability of this vulnerability in our environment is significantly reduced.

We are actively monitoring the Amazon Linux Security Advisory (ALAS) channel for the official patched kernel. Once AWS publishes the remediated kernel, we will apply it through our standard patching process promptly and in line with our vulnerability management SLAs.

We will continue to monitor for any updates to this CVE and adjust our response if the threat profile changes. Please reach out to our security team if you have any further questions.

Security Update: Cisco Catalyst SD-WAN Advisory Not Applicable

Feb 27, 2026

We have reviewed the recent Cisco security advisory (cisco-sa-sdwan-rpa-EHchtZk) regarding an authentication bypass vulnerability affecting Cisco Catalyst SD-WAN Controller (vSmart) and SD-WAN Manager (vManage).

After validation against our asset inventory and network architecture, we confirm that HackerRank does not utilize Cisco Catalyst SD-WAN solutions within our environment. As such, this vulnerability is not applicable to our infrastructure and no remediation actions are required at this time. We will continue to monitor vendor advisories and maintain routine validation against our technology stack as part of our ongoing risk management process.

Security Update: Bomgar / BeyondTrust (CVE-2026-1731)

Feb 16, 2026

We are aware of the recently disclosed vulnerability CVE-2026-1731 affecting certain Bomgar (BeyondTrust) remote support appliances.

HackerRank does not utilize Bomgar (BeyondTrust) servers within our production or corporate environments. As such, this vulnerability does not impact our infrastructure.

We continuously monitor emerging security advisories and threat intelligence and proactively assess their relevance to our systems to ensure the ongoing security and integrity of our platform.

If you have any additional questions regarding our security posture, please contact our Security team at security@hackerrank.com.

Create your own Trust Center | Powered by