HackerOne Blog

The latest from HackerOne

Finding Fast, Fixing Slow: The Rising Exposure Debt

May 6, 2026

Vulnerability submissions are up 76%. Unresolved criticals grew 25x. HackerOne platform data reveals a widening remediation gap that security teams can't afford to ignore.

Read Now

All

CTEM

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

CTEM

Ask Us Anything: Closing the Discovery-Remediation Gap

June 25, 2026

AI is accelerating vulnerability discovery, but remediation workflows haven't kept pace. HackerOne leaders break down how organizations are building toward CTEM and what it takes to prioritize, validate, and fix what actually matters.

Code Security

HackerOne News

Patch the Planet: HackerOne Joins OpenAI's Daybreak Initiative to Secure Critical Open-Source Software

June 22, 2026

HackerOne is a launch partner in Patch the Planet, a new initiative pairing AI-assisted research with expert human validation to deliver verified fixes to open-source maintainers at scale.

CTEM

Exposure Management

Why Periodic Pentesting Falls Short: The Case for Continuous Security Validation

June 11, 2026

Quarterly pentests can't keep pace with an attack surface that changes daily. Enterprise CISOs are replacing periodic assessments with continuous security validation programs that surface real, exploitable risk before attackers do.

Exposure Management

HackerOne Champion of the Quarter: monday.com's Amit Levy on Thinking Like an Attacker to Defend Like a Pro

June 3, 2026

Some security leaders manage programs. Amit Levy engineers them. Amit spent a significant part of...

Public Policy

What You Need to Know About the New AI Executive Order

June 2, 2026

The new AI Executive Order shifts federal cybersecurity focus from vulnerability discovery to validation, remediation, and coordinated disclosure. Here's what the order means for security leaders and what to watch during implementation.

HackerOne News

Navigating the AI Wave: How We're Keeping Security Research Meaningful

May 29, 2026

A 100%+ surge in AI-assisted bug bounty submissions changed how HackerOne thinks about quality, triage, and researcher accountability. Here's what we learned navigating the wave and how we're building for what's next.

Exposure Management

CTEM

Finding Fast, Fixing Slow: The Rising Exposure Debt

May 6, 2026

Vulnerability submissions are up 76%. Unresolved criticals grew 25x. HackerOne platform data reveals a widening remediation gap that security teams can't afford to ignore.

Exposure Management

GPT-5.5 vs Claude Opus 4.7 vs Sonnet 4.6: OpenAI's Frontier Cyber Model Faces Anthropic's Best on Vulnerability Validation

May 6, 2026

We benchmarked GPT-5.5, Claude Opus 4.7, and Sonnet 4.6 on CVEs and real reports to judge vulnerability exploitability with speed and accuracy.

Exposure Management

CTEM

Hai

When Security Teams Can Prove Exposure Risk, They Can Reduce It Faster

April 30, 2026

Meet new Hai capabilities that validate exploitability, reduce triage noise, and help security and engineering move from findings to fixes faster.