Our Solution: Precision Internal Network Testing with Zero Trust Control
We are excited to introduce Gateway Internal Network Testing (INT) as the latest enhancement to HackerOne Gateway, powered by Cloudflare’s Zero Trust Network Access (ZTNA) technology. Gateway is one of the key components of the HackerOne Platform, providing superior control and precision in managing security program traffic. Gateway INT addresses the critical need for secure and efficient internal network testing by routing all security program traffic through the same ZTNA. This provides the additional traceability required in regulated and compliance-driven industries, enabling external security researchers to conduct thorough testing of pre-production assets with access mechanisms built on the enhanced security principles of zero trust.
Gateway features a split tunnel, researcher-level segregation, and logging with TLS decryption, ensuring visibility and control over all testing activities. Gateway INT seamlessly integrates advanced firewall protection and industry-standard security protocols, including Cloudflare Tunnel (also known as Cloudflared) and IPsec. The solution balances ease of use with zero trust security, offering an optional dedicated virtual machine (VM) setup to facilitate the Cloudflared solution for pentesting on internal assets. Customers also have the flexibility to install and self-manage Cloudflared on their existing or new endpoints (servers).
Understanding Cloudflared and IPsec in Gateway INT Context
Cloudflared is a command-line tool that creates secure tunnels to Cloudflare’s network. This allows safe and fast access to internal applications without internet exposure. In Gateway INT, Cloudflared encrypts and securely routes all security testing traffic through a ZTNA infrastructure, supporting specialized pentests that require evaluation or network segmentation and other forms of testing that require testing from within an internal network. |
IPsec (Internet Protocol Security) is a suite of protocols that secure internet communication by authenticating and encrypting each IP packet. In Gateway INT, IPsec adds another layer of encryption and security for traffic between internal networks and security researchers, protecting sensitive data and providing continuous proof of testing. |
Key Benefits
Program-specific Control and Visibility
The Control View manages who can access the program and assets. Gateway allows seamless setup, pausing, and resuming of access for researchers, applied on a per-researcher or overall program level. Any changes trigger email notifications for both paused and resumed actions, with filtering and search capabilities for streamlined management.
INT Advantage: Provides controlled bug bounty programs with granular reporting through Cloudflare Tunnel, ensuring proof of testing activities and transparency, while maintaining robust security and compliance.
Allowlisted IP Addresses
Allowlisted IP addresses are assigned closest to the asset location to reduce latency and improve performance. The Settings view includes separate tabs for Hackers, Pentesters, Triagers, and Program Admins, along with the ability to pause, resume, and filter actions with a single click.
INT Advantage: Maintain program-specific control over all your assets with 24/7 IP allowlisting monitoring and the ability to pause testing as needed.
Download Log View and Real-Time Log Stream
The Log Management feature, available for the Cloudflared solution, facilitates downloading a zip archive containing HTTP, session, and network logs for incident investigation and hacker activity analysis. It also supports setting up a real-time log stream to various cloud storage destinations for SIEM integration, reducing the typical 20-minute lag time.
INT Advantage: Ensures regulatory compliance with laws like GDPR, HIPAA, and SOX by providing controlled access and comprehensive logging, and enhances timely and efficient data analysis for improved security monitoring.
Security Researcher Activity Control via Activity Logs
The Activity Logs offer visibility into actual security researcher activity. They detail which researchers, Program Admins, and Triagers are accessing URLs, and filters and date ranges are available to streamline information access.
INT Advantage: Precision monitoring distinguishes between legitimate security researcher traffic and genuine threats, reducing security alerts.
Data-driven Engagement Analytics
The Analytics view specific to Gateway provides key insights to drive engagement, understand asset touch frequency, and refine your program. It includes information on active hackers, top contributors, overall activity, and asset requests per program.
INT Advantage: Advanced engagement analytics allow you to view, analyze, and download data to inform data-driven strategy adjustments and demonstrate program ROI.
Effortless Internal Network Pentesting
Providing restricted access to a testing environment, such as access to an internal network for network pentesting, an internal application, or a restricted sandbox. For pre-release web application features, customers often need to limit access to authorized testers only. Traditionally, this involves significant adjustments like modifying firewall rules, adding VPN accounts, and granting access to virtual desktops, which can ironically compromise security and impact pentester productivity due to slow network access and cumbersome configurations.
HackerOne’s Gateway, powered by Cloudflare’s WARP technology, streamlines this process by creating a Zero Trust tunnel that connects pentesters securely to target assets without needing to collect multiple IP addresses. Organizations still adjust firewalls but avoid the complexity of managing numerous IPs. The WARP client on testers’ endpoints authenticates their identity and device, allowing easy granting, revoking, and auditing of access.
By providing seamless access to virtual desktops or VDI/VM environments, Gateway delivers higher-quality pentest results. Pentests are often on tight deadlines, and Gateway’s well-documented, performant, predictable, and repeatable solution addresses the urgency and security trade-offs typically associated with setting up access. This results in a more secure and productive pentesting process, aligning security priorities with operational demands.
Gateway INT enhances internal network security by enabling pentests that simulate real-world attacks. This latest addition to Gateway offers:
- Self-Managed Configuration Using Cloudflared: Organizations can configure the Cloudflared tunnel independently, ensuring encrypted and protected traffic without the complexity of VPN setups.
- Gateway INT Virtual Machine: This provides a virtual machine (VM) pre-configured for Gateway INT secure tunnel compatibility and loaded with an up-to-date toolkit so assessors are ready to start thorough testing within your network. This simplifies the process and ensures all security measures are in place from the start.
With the option to adopt a VM, Gateway INT facilitates pentesting on internal assets. This solution replaces the need for sending physical devices for internal network pentests and setting up individual VMs for pentesters, streamlining the entire process for both security teams and testers. The combination of Gateway VPN/Tunnel and Gateway VM ensures end-to-end support for accessing the network and conducting thorough testing from within.
Looking Ahead
This blog serves as an introduction to Gateway INT. As we observe how our customers use the solution, we continuously seek opportunities to make improvements and enhance the user experience. In upcoming posts, we will explore:
- Details of internal network pentesting and best practices.
- Detailed use cases for private bounty programs.
Get Started With Gateway INT
Ready to enhance your precision for internal network security? Meet one of our security experts to see HackerOne Gateway in action. For more information and product documentation, visit our Gateway parent page and the Gateway internal network testing page.