Blog

Recent Posts

What To Do When You Don’t Know You’ve Been Compromised

On World Password Day, I’m not going to talk about passwords. At the end of last year, HackerOne ran an exclusive campaign with a select group of hackers in which we challenged them to look for information exposures for 11 customers. The data found by the hackers included everything from passwords and authentication tokens to sensitive documents. No matter how secure your passwords are, your data is out there in different clouds and across various third-party vendors — it's only a matter of time before a leak puts your brand at risk.

Michiel Prins

The 5 Secrets Of A Mature Vulnerability Management Program

During HackerOne's recent series of webinars, we caught up with Matt Southworth, CISO of Priceline, and Matt Adams, Global Security Architect at Costa Coffee, to learn their 5 secrets to building a highly effective vulnerability management program.

HackerOne

Saxo Bank Celebrates One Year of Bug Bounties: Q&A with CISO Mads Syska Hasling

One year after launching their private bug bounty program on HackerOne, we sat down with financial services provider Saxo Bank’s CISO, Mads Syska Hasling, to get his insights and learnings from 12 months with a bug bounty program. Read on to see how Saxo Bank thinks about digital security as a non-negotiable for their customers and partners, how bug bounty fits into the broader security program, and advice to other CISOs and stakeholders on leveraging hacker-powered security.

HackerOne

Hacker Spotlight AMA: Wolf101

Hacker @Wolf101 shares his predictions on the future of bug bounties and tips on getting started.

HackerOne

How HackerOne Helps the Vulnerability Management Process

HackerOne sees vulnerability management as a process combining software tools and security analyst actions to reduce risk. In many cases, successful vulnerability management requires a joint effort between security operations, who find vulnerabilities, and IT operations, who are responsible for fixing, or patching, them.

HackerOne

A Security Engineer and Hacker Share Their Experiences with Security Assessments

A few weeks ago, HackerOne and PortSwigger teamed up to shine a light on the innovative ways that customers and security analysts are scaling risk assessments. Read on for key learnings.

HackerOne

Hacker Spotlight AMA: debsec

Chilean hacker @debsec shares his secrets to program selection and the best way to choose your scope in this week's Hacker Spotlights.

HackerOne

HackerOne Product Enhancements Help Detect, Remediate, and Analyze Cloud Misconfigurations

HackerOne has rolled out new product features to secure cloud workloads, investigate and respond to vulnerability trends, and answer auditors’ questions all in one place. Read on for details!

HackerOne

Why we sold our founding vulnerability as an NFT

HackerOne sold our founding vulnerability as an NFT and donated the proceeds — 3.3 ETH / $7,086.19 — to Hack the Hood. Read on to learn why!

HackerOne

Hacker Spotlight AMA: none_of_the_above

This week’s Hacker Spotlight features @none_of_the_above, a Latin American hacker who shares his tips to succeed in cybersecurity.

HackerOne