HackerOne Blog

Code Security

Return on Mitigation

Code Security

Code

The Cost Savings of Fixing Security Flaws in Development

February 25th, 2025

There’s no debate that catching and fixing security flaws in development saves time, money, and stress.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Code Security

Mitigating CWE-352: Cross-Site Request Forgery in Ruby Applications

January 23rd, 2024

Cross-Site Request Forgery (CSRF) is a security vulnerability that allows attackers to trick users into...

Code Security

Optimizing Performance in Generative AI: Trimming Tokens

January 22nd, 2024

Generative AI and Large Language Models (LLMs) like GPT-4 and Claude 2 has revolutionized the...

Code Security

Understanding the Benefits of Key Derivation Functions: A Deep Dive into PBKDF2

January 18th, 2024

Hashing values is a cornerstone technique for protecting sensitive data. However, with rising computational power...

Code Security

Harnessing AI to Pinpoint Security Hotspots in Code Review

January 18th, 2024

At HackerOne, we understand the challenge of maintaining robust security in your codebase. That's why...

Code Security

Avoiding N+1 Database Queries in ASP.NET: A Practical Guide

January 16th, 2024

In web applications, performance issues can often stem from inefficient database queries. One such notorious...

Code Security

Integrating OpenAI into Your Application: A Security Perspective

January 15th, 2024

Integrating OpenAI's language models like GPT-3 into applications has become increasingly popular. However, with great...

Code Security

Safely Handling Large Integers in JSON: Best Practices and Pitfalls

January 12th, 2024

In the world of software development, the transmission of data in a structured, reliable format...

Code Security

Handling Large File Uploads in React: Securely Using AWS S3 Pre-signed URLs

January 10th, 2024

Uploading large files, especially those spanning multiple gigabytes, from a React application can be a...

Code Security

The Fallacy of Overreliance on Traits in PHP: Unmasking Poor Class Design

January 10th, 2024

Introduction In the realm of object-oriented programming (OOP), PHP's introduction of traits in version 5.4...