HackerOne Blog

The latest from HackerOne

A Call for a New Cybersecurity Measurement Standard

February 26th, 2025

Cybersecurity initiatives provide financial value to organizations. Still, translating the benefits of cybersecurity into dollars and cents has long been a challenge for security teams.

Read Now

All

Culture and Talent

Customer Stories

Engineering

From The CEO

News & Updates

Public Policy

Researcher Community

Crowdsourced Security

3 Crowdsourced Security Myths Are Holding You Back

July 9th, 2025

Leading CISOs are embracing crowdsourced security. Uncover 3 common myths and why ethical hackers are key to modern defense strategies.

Layers of Defense for AI Security Graphic

From the CEO

Rethinking Risk in the Age of AI

July 8th, 2025

AI is changing the attack surface. CISOs can respond with human-led testing, crowdsourced insight, and a new playbook for AI security.

Return on Mitigation

Calculating Cybersecurity ROI with Return on Mitigation (RoM)

July 1st, 2025

Explore how Return on Mitigation (RoM) reframes cybersecurity ROI by highlighting the cost savings of proactive defense with a real-world example.

Operationalizing Gartner TRiSM: Testing AI for Trust, Risk, and Security

June 27th, 2025

AI risks are systemic. Learn how to operationalize Gartner TRiSM framework with adversarial testing to validate and strengthen your AI security posture.

Crowdsourced Security

What We’ve Learned from 5 Months of Hackbot Activity

June 26th, 2025

AI-powered hackbots are capturing bounties and reshaping offensive security. Here’s what we’ve learned in 5 months—and how to prepare for what’s next.

Hai

Crowdsourced Security

We’re Running Hai Insight Agent on Our Own Bug Bounty Program – See it in Action

June 24th, 2025

Discover how HackerOne's Hai Insight Agent simplifies vulnerability analysis, accelerates resolution, and ensures consistent, accurate security decisions.

Hai

Vulnerability Management

Hai Insight Agent: The Teammate Who Remembers Every Report

June 24th, 2025

Hai, HackerOne's AI security agent, transforms vulnerability reports into actionable insights, helping teams prioritize, act faster, and communicate risks clearly.

Public Policy

Promotion of AI Use by Government and Enhancing Security Are Key Themes Likely to Shape U.S. AI Action Plan

June 23rd, 2025

The Trump administration's AI policy is shaping up to prioritize responsible adoption by federal agencies and bolstered security for AI systems, with a focus on innovation, public trust, and national security.

Vulnerability Disclosure

Public Policy

To Attest or Not to Attest: Questions from the Trump Cyber Executive Order

June 18th, 2025

The new Trump cybersecurity EO rolls back secure software attestation rules—but VDPs remain vital. Here's what contractors and agencies need to know.