Skip to main content

HackerOne Blog

new-features
It’s now possible to view updates on JIRA issues right inside your HackerOne Reports. The two-way integration means that whenever a JIRA issue changes state, an internal comment is posted on the appropriate HackerOne Report. No more going back and forth between JIRA and HackerOne!

new-features
HackerOne updated their vulnerability taxonomy to include a more complete weakness suite based on the industry-standard Common Weakness Enumeration (CWE).
new-features
Introducing Email Forwarding, have security@ emails forwarded to your HackerOne Inbox as a new report.
new-features
Programs on HackerOne can now customize the Views in their Inbox to accommodate more advanced vulnerability disclosure workflows.
new-features
We have collated the data from our 500+ bounty paying programs, and will show you the results every time you award a bounty!
new-features
Hackers can now identify their skills by submitting relevant reports which are verified by HackerOne.
new-features
Get the scoop on the latest update to the HackerOne API with some slick new communication features.
new-features
Better way to give thanks to our amazing hackers by releasing a new and improved Thanks page on hacker profiles.
new-features
Today, we're making it even easier to never miss a policy change. You now have the ability to be notified whenever the policy of a certain program changes.
new-features
You can now assign vulnerability severity utilizing the Common Vulnerability Scoring Standard (CVSS).
new-features
Today, we’re taking the next step towards a better integration with your existing tools. Now teams can assign reports to team members using the API.
new-features
Now security teams can create their own custom Report Templates for hackers.
new-features
Today we are launching Policy Diffing. On every single team page, you will now be able to see when the policy was last changed, and you will be able to see all policy changes for the program.
new-features
Now security teams can edit the vulnerability types after the report has been submitted. With this improvement, teams can expect to have more accurate vulnerability data.
new-features
Upvote hacker activities and see what's popular on Hacktivity
new-features
The New HackerOne Leaderboard ranks reputation, signal and impact data in a simple tabular format.
new-features
Announcing new product editions - Professional, Enterprise and Security@. Along with HackerOne Managed and Pilots, the same HackerOne power can be tailored to every organization’s needs.
new-features
Now Hackers can earn even more on HackerOne! Introducing badges, now available on Hacker profiles in the badges sidebar.
new-features
The first version of our API is now available! The API augments the HackerOne interface to empower you to build the best bug bounty programs.
new-features
To help security programs manage the expectations of participating hackers, we are rolling out a new program metrics feature, to be displayed on individual Security@ pages.
new-features
We are excited to share that Uber is launching its public bug bounty program today on HackerOne. Additionally, Uber and HackerOne collaborated to create a new way of rewarding hackers called bonuses, which enables security teams to give additional monetary awards to hackers beyond initial bounties. The Uber loyalty program will utilize HackerOne bonuses for additional incentives in its public program.
new-features
HackerOne improves the quality of vulnerability reports received in public bug bounty programs with Signal Requirements and Rate Limiter. Signal Requirements allow a company to set the threshold for Signal that hackers must reach in order to submit reports to them. The updated Rate Limiter provides hackers the opportunity to still participate in a limited way, even if they are below the Signal requirement.
new-features
We improved the hacker invitation system for private vulnerability coordination and bug bounty programs. The new system operates more transparently and ensures that top hackers are invited to more private programs.
new-features
HackerOne releases new Signal and Impact metrics to better describe researcher report history. Signal is the average Reputation per report. Impact is the average Reputation per bounty.
new-features
HackerOne new feature announcements November 2015 include Improved Triggers, Automated Scanner Detection, SAML Support, and new Integrations.
new-features
HackerOne introduces Disclosure Assistance to help hackers reach organizations that don't have official vulnerability reporting processes.
new-features
HackerOne introduces the HackerOne Success Index, a method to measure the effectiveness of HackerOne-powered vulnerability disclosure programs.
new-features
HackerOne's Katie Moussouris explains the Vulnerability Disclosure Maturity Model, a way to help organizations measure, benchmark and improve their security vulnerability handling capabilities.
new-features
HackerOne new feature announcements August 2015 include Group Permissions, Researcher Messaging, and Summarized Public Reports.
new-features
HackerOne is launching the Directory: a community-curated resource for identifying the best way to contact an organization's security team.
new-features
One of the primary challenges when running a vulnerability coordination program is distinguishing the signal from the noise. Today, we're introducing a new reputation system to make running a program even easier.
new-features
At HackerOne, we're on a mission to empower the world to build a safer internet. Better security begins with a quality vulnerability coordination process, and our free platform enables your team to seamlessly manage the entire workflow. Think of it as a replacement for your old shared security inbox.