HackerOne Blog

Exposure Management

7 Predictions Defining the Move to Always-On Cybersecurity in 2026

December 9, 2025

Security leaders forecast 2026 as the year CTEM becomes essential, with AI-driven threats, agentic security, and continuous validation reshaping cyber risk.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Hacker discovering a business logic vulnerability

Exposure Management

How a Business Logic Vulnerability Led to Unlimited Discount Redemption

November 1, 2024

Learn about the impact, severity, and a real-world example of business logic vulnerabilities.

Exposure Management

Measure, Compare, and Enhance Security Programs with HackerOne Benchmarks

October 24, 2024

HackerOne Benchmarks is a set of features designed to provide insights for optimizing your security program’s performance.

Exposure Management

OWASP Top 10: The Risk of Cryptographic Failures

October 21, 2024

Cryptographic failures: what are they and why are they considered so concerning by the OWASP Top 10?

Exposure Management

Vulnerability Deep Dive: Gaining RCE Through ImageMagick With Frans Rosen

October 17, 2024

The file upload vulnerability type is as broad in scope as the number of different...

Security researcher finding IDOR vulnerability

Exposure Management

Offensive Security

How an IDOR Vulnerability Led to User Profile Modification

October 8, 2024

Learn the ins and outs of IDOR vulnerabilities and how one exploitation led to malicious user profile modification.

Ethical hacker finding broken access control vulnerabilities

Exposure Management

Security Research

How To Find Broken Access Control Vulnerabilities in the Wild

September 30, 2024

Learn the ins and outs of broken access control vulnerabilities and how to find them in your security research.

Exposure Management

Introducing HackerOne Automations

September 16, 2024

Efficiency and accuracy are crucial in vulnerability remediation. Yet, repetitive and manual handling of tasks...

Exposure Management

The Rise of Bug Bounty Programs in S-1 Filings: A New Standard in Corporate Security

September 11, 2024

Learn why more organizations are including their bug bounty programs in S-1 filings and other corporate disclosures.

Exposure Management

Quantifying the Value of Bug Bounty Programs: ROI, ROM, or Both?

September 4, 2024

Is ROI the right method to measure bug bounty value? Check out the cost-benefit analysis of ROI vs. ROM.