HackerOne Blog

Exposure Management

Exposure Management

Crowdsourced Security

Gain Actionable, Data-backed Insights with HackerOne Recommendations

February 6th, 2025

What if your security program could self-optimize? With HackerOne Recommendations, it can.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Introducing HackerOne Automations

September 16th, 2024

Efficiency and accuracy are crucial in vulnerability remediation. Yet, repetitive and manual handling of tasks...

Exposure Management

The Rise of Bug Bounty Programs in S-1 Filings: A New Standard in Corporate Security

September 11th, 2024

Learn why more organizations are including their bug bounty programs in S-1 filings and other corporate disclosures.

Exposure Management

Quantifying the Value of Bug Bounty Programs: ROI, ROM, or Both?

September 4th, 2024

Is ROI the right method to measure bug bounty value? Check out the cost-benefit analysis of ROI vs. ROM.

Exposure Management

Crushing FUD: Embracing Ethical Hackers to Strengthen Cybersecurity

September 3rd, 2024

FUD can overshadow proactive collaboration with ethical hackers. Let's explore how to combat FUD and get organizational buy-in for bug bounty and VDP.

Exposure Management

A Visual Guide to Bug Bounty Success

August 7th, 2024

We've created a visual guide to planning, operating, and evaluating your bug bounty program for success.

Exposure Management

Security Page Updates: Boosting Consistency & Transparency for Security Researchers and Customers

August 1st, 2024

HackerOne has launched new updates to program security pages that standardize policy fields and drive hacker engagement.

Exposure Management

Security Research

How a GraphQL Bug Resulted in Authentication Bypass

July 29th, 2024

Experienced security researchers explain how a GraphQL bug resulted in authentication bypass — and how to avoid it.

Security Compliance

Exposure Management

Public Policy

Are You Ready for the New NIST Control Around Public Disclosure Programs?

July 25th, 2024

A new NIST control requires SaaS vendors to “establish a public reporting channel for receiving reports of vulnerabilities in organizational systems and system components.”

Exposure Management

Streamline Report Management with Custom Inboxes: Reducing Delays and Security Risks

July 23rd, 2024

Custom Inboxes Enhancements provide flexible report segmentation, reduce administrative overhead, and mitigate security risks.