HackerOne Blog

Exposure Management

7 Predictions Defining the Move to Always-On Cybersecurity in 2026

December 9th, 2025

Security leaders forecast 2026 as the year CTEM becomes essential, with AI-driven threats, agentic security, and continuous validation reshaping cyber risk.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Security Compliance

Exposure Management

Public Policy

Are You Ready for the New NIST Control Around Public Disclosure Programs?

July 25th, 2024

A new NIST control requires SaaS vendors to “establish a public reporting channel for receiving reports of vulnerabilities in organizational systems and system components.”

Exposure Management

Streamline Report Management with Custom Inboxes: Reducing Delays and Security Risks

July 23rd, 2024

Custom Inboxes Enhancements provide flexible report segmentation, reduce administrative overhead, and mitigate security risks.

Exposure Management

Common Ecommerce Vulnerabilities: Reflected XSS

June 27th, 2024

With an example from Shopify, learn about the impact of Reflected XSS vulnerabilities in ecommerce.

Exposure Management

From Zero to Hero: Your Guide to Building a Bug Bounty Program With HackerOne

June 6th, 2024

Learn the value of bug bounty for your security program and how to launch and manage a successful BBP with HackerOne.

Exposure Management

3 Bug Bounty Lessons From Retail & eCommerce Customers

May 31st, 2024

Learn 3 bug bounty lessons from HackerOne Retail & eCommerce customers.

Exposure Management

HackerOne Spot Checks for On-Demand, Targeted Security Testing

May 28th, 2024

HackerOne Spot Checks: a specialized capability to bridge the gap between limited resources and thorough security.

Exposure Management

What Is a Vulnerability Disclosure Program and Do You Need One?

May 14th, 2024

Are you wondering about Vulnerability Disclosure Programs (VDPs)? Here’s why you need one, and instructions on starting one or improving your current process.

Ethical hackers working on election security

Security Compliance

Exposure Management

How Ethical Hackers Are Securing Elections

May 14th, 2024

Election technology manufacturers teamed up with ethical hackers to secure elections.

Exposure Management

How Serialized Cookies Led to RCE on a WordPress Website

May 9th, 2024

Learn first-hand from a hacker about a Wordpress remote code execution vulnerability: how to identify it, its risks, and remediation.