HackerOne Blog

Exposure Management

7 Predictions Defining the Move to Always-On Cybersecurity in 2026

December 9th, 2025

Security leaders forecast 2026 as the year CTEM becomes essential, with AI-driven threats, agentic security, and continuous validation reshaping cyber risk.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Ethical hacker finding XSS vulnerabilities

Exposure Management

How a Cross-Site Scripting Vulnerability Led to Account Takeover

November 4th, 2024

Cross-site scripting (XSS) is the number one most common security vulnerability. Learn what XSS is, its impacts, and how to prevent it.

Hacker discovering a business logic vulnerability

Exposure Management

How a Business Logic Vulnerability Led to Unlimited Discount Redemption

November 1st, 2024

Learn about the impact, severity, and a real-world example of business logic vulnerabilities.

Exposure Management

Measure, Compare, and Enhance Security Programs with HackerOne Benchmarks

October 24th, 2024

HackerOne Benchmarks is a set of features designed to provide insights for optimizing your security program’s performance.

Exposure Management

OWASP Top 10: The Risk of Cryptographic Failures

October 21st, 2024

Cryptographic failures: what are they and why are they considered so concerning by the OWASP Top 10?

Exposure Management

Vulnerability Deep Dive: Gaining RCE Through ImageMagick With Frans Rosen

October 17th, 2024

The file upload vulnerability type is as broad in scope as the number of different...

Security researcher finding IDOR vulnerability

Exposure Management

Offensive Security

How an IDOR Vulnerability Led to User Profile Modification

October 8th, 2024

Learn the ins and outs of IDOR vulnerabilities and how one exploitation led to malicious user profile modification.

Ethical hacker finding broken access control vulnerabilities

Exposure Management

Security Research

How To Find Broken Access Control Vulnerabilities in the Wild

September 30th, 2024

Learn the ins and outs of broken access control vulnerabilities and how to find them in your security research.

Exposure Management

Introducing HackerOne Automations

September 16th, 2024

Efficiency and accuracy are crucial in vulnerability remediation. Yet, repetitive and manual handling of tasks...

Exposure Management

The Rise of Bug Bounty Programs in S-1 Filings: A New Standard in Corporate Security

September 11th, 2024

Learn why more organizations are including their bug bounty programs in S-1 filings and other corporate disclosures.