HackerOne Blog

Public Policy

Why Reauthorizing CISA 2015 Is Critical to the AI Action Plan

July 24, 2025

CISA 2015 is the backbone of public-private cybersecurity collaboration. As Congress faces reauthorization, here's why letting it lapse would put defenders, and national security, at risk.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Public Policy

What You Need to Know About the New AI Executive Order

June 2, 2026

The new AI Executive Order shifts federal cybersecurity focus from vulnerability discovery to validation, remediation, and coordinated disclosure. Here's what the order means for security leaders and what to watch during implementation.

Public Policy

AI Red Teaming

Europe’s New AI Security Standard: What It Means for Vulnerability Disclosure and AI Red Teaming

March 25, 2026

ETSI EN 304 223 makes Vulnerability Disclosure and AI red teaming baseline expectations. Get practical steps to prepare for EU rollout by late 2026.

Public Policy

Security Research

A Safer Future for Security Research: Landmark Moves in Portugal and the UK

December 18, 2025

Portugal’s Article 7 and the UK’s proposed statutory defence mark major steps toward protecting good-faith security research. Explore how these reforms reduce risk and strengthen coordinated vulnerability disclosure.

Public Policy

What the UK’s New Cyber Security and Resilience Bill Means for Your Organization

December 11, 2025

The UK’s Cyber Security and Resilience Bill expands NIS obligations, updates incident reporting, and raises expectations for resilience across digital services.

Public Policy

Pentest as a Service

CMMC 2.0 Final Rule: What Defense Contractors Need to Know

September 25, 2025

The DoD has finalized CMMC 2.0. Learn what contractors must do to stay compliant with the new rule taking effect November 10, 2025.

Public Policy

Response

AI Red Teaming

What Security Leaders Need to Know About the UK’s Updated Cyber Framework

August 26, 2025

Learn how the UK’s CAF v4.0 updates impact cybersecurity risk assessment and what security leaders need to know. Get actionable insights.

Public Policy

Belgium’s NIS2 Transposition: A Practical Model for other EU States

August 6, 2025

Belgium’s NIS2 Quick Start Guide and Cyber Fundamentals Framework simplify compliance. Learn why VDPs are now a legal requirement across the EU.

Public Policy

What You Should Know About The Next Wave of EU AI Act Requirements

July 31, 2025

Starting August 2, 2025, key EU AI Act requirements take effect, impacting high-risk AI systems and GPAI models. Learn how to align security with compliance.

Public Policy

Why Reauthorizing CISA 2015 Is Critical to the AI Action Plan

July 24, 2025

CISA 2015 is the backbone of public-private cybersecurity collaboration. As Congress faces reauthorization, here's why letting it lapse would put defenders, and national security, at risk.