Blog


company resources


Recent Posts

Why Laurie Mercer Became a Security Engineer at HackerOne


HackerOne

The HackerOne Top 10 Most Impactful and Rewarded Vulnerability Types

We’ve put together a list of the most impactful vulnerabilities on the HackerOne platform so you can see where to aim your security efforts and how to better align your security team to today’s biggest risks. Learn which vulnerabilities aren’t in the OWASP Top 10 and see the top vulnerabilities submitted by volume, bounty awards, and more.

HackerOne

When Moving To the Cloud, Don’t Leave Basic Security Behind

How to break into a serverless application, a TestLabs blog review. We’ll also discuss why changes in technology don’t change security best practices.

HackerOne

5 Tips for an Effective AppSec Testing Strategy

Applications have become the lifeblood of businesses in today’s connected world. Software is now the “front door” into your business for many people around the world. Caution is required, though. Applications exposed to the internet are also exposed to shady characters out to exploit your systems for their benefit, often at the expense of your customers and your business. This blog shares 5 tips for an effective application security testing strategy.

HackerOne

The AWS Shared Responsibility Model: 3 Areas of Improvement to Make Today, Part 3: Logging, Monitoring, and Alerting in AWS

Migrating to the cloud means sharing responsibility for security with the cloud provider. Read about one important part of the shared responsibility model: logging, monitoring, and alerting in an AWS environment. Discover the tools available to help you always know what is happening in your environment.

Justin Boyer

Top Firewall Misconfigurations that Lead to Easy Exploitations by Attackers

Migrating to the cloud means sharing responsibility for security with the cloud provider. Read about one important part of the shared responsibility model: keeping your cloud network secure. Discover how to protect your cloud networks from attackers.

Justin Boyer

Streamline Every Aspect of Your Responsible Disclosure Policy with HackerOne Response

HackerOne Response is our turnkey solution offering enterprise-grade security and conformance with ISO-29147 (vulnerability disclosure) and ISO-30111 (vulnerability handling). It allows vulnerability management teams to work directly with external third parties to resolve critical security vulnerabilities before they can be exploited.

HackerOne

The AWS Shared Responsibility Model: 3 Areas of Improvement to Make Today, Part 1

Migrating to the cloud means sharing responsibility for security with the cloud provider. Read about one important part of the shared responsibility model: keeping your private keys private. Discover how to prevent your secrets from escaping the cloud.

Justin Boyer

Highlights of New York’s Cybersecurity Regulation 23 NYCRR Part 500

Effective March 1, 2017, the New York State Department of Financial Services (NYDFS) promulgated 23 NYCRR Part 500, a regulation establishing cybersecurity requirements for financial services companies. Beginning today, September 4, 2018, Sections 500.06, 500.08, 500.13, 500.14(a) and 500.15 of 23 NYCRR Part 500 will be enforceable.

Luke Tucker

What is a Responsible Disclosure Policy and Why You Need One

This article will answer the simple question of what a vulnerability disclosure policy is, what’s included in a good policy, which organizations have a VDP today, and which government agencies have published guidance on VDPs.

HackerOne