HackerOne Blog

Crowdsourced Security

What Are Bug Bounties and How Do They Work?

December 4th, 2025

Bug bounties give security researchers a structured way to report vulnerabilities. This guide explains how bug bounty programs work and why organizations use them.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Exposure Management

Crowdsourced Security

Bug Bounty

Hai

Closing the Exposure Gap: What pixiv Learned About Continuous Security Testing

March 10th, 2026

pixiv moved beyond periodic assessments to continuous security testing, proving real exploitable risk, reducing noise, and accelerating remediation with high-signal findings.

Crowdsourced Security

Bug Bounty

How Santa Clara University Scales Security With a Small Team and Big Community

February 3rd, 2026

Santa Clara University scaled security with a student-driven bug bounty program and HackerOne support, improving visibility across campus systems.

Crowdsourced Security

Offensive Security

Bug Bounty

What Are Bug Bounties and How Do They Work?

December 4th, 2025

Bug bounties give security researchers a structured way to report vulnerabilities. This guide explains how bug bounty programs work and why organizations use them.

Crowdsourced Security

Bug Bounty

A Decade of Defense: Celebrating Grab's 10th Year Bug Bounty Program

December 4th, 2025

Grab marks a decade of global bug bounty collaboration, engaging 850+ researchers to strengthen security for 187M users across Southeast Asia.

Culture & Talent

Crowdsourced Security

Bug Bounty

Roni Carta: From Bug Bounties to Building a Safer Supply Chain

October 30th, 2025

A young ethical researcher turned bug bounty reports into a software supply chain startup—no VC funding to date, just curiosity and community.

Crowdsourced Security

AI Red Teaming

Government Cybersecurity Leaders Embrace Crowdsourcing, But Must Commit to AI Defense

August 29th, 2025

Government CISOs succeed with crowdsourced security. To stay resilient, they must bring the same focus to AI security.

Crowdsourced Security

Live Hacking Events

Adobe Security Recap: 2024 Ambassador World Cup Final Four

July 31st, 2025

Last month, Adobe participated in the final round of the 2024 Ambassador World Cup (AWC) championship.

Crowdsourced Security

Bug Bounty

Response

3 Crowdsourced Security Myths Are Holding You Back

July 9th, 2025

Leading CISOs are embracing crowdsourced security. Uncover 3 common myths and why ethical hackers are key to modern defense strategies.

Crowdsourced Security

What We’ve Learned from 5 Months of Hackbot Activity

June 26th, 2025

AI-powered hackbots are capturing bounties and reshaping offensive security. Here’s what we’ve learned in 5 months—and how to prepare for what’s next.