HackerOne Blog

Exposure Management

Exposure Management

Crowdsourced Security

Gain Actionable, Data-backed Insights with HackerOne Recommendations

February 6th, 2025

What if your security program could self-optimize? With HackerOne Recommendations, it can.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Exposure Management

Common Ecommerce Vulnerabilities: Reflected XSS

June 27th, 2024

With an example from Shopify, learn about the impact of Reflected XSS vulnerabilities in ecommerce.

Exposure Management

From Zero to Hero: Your Guide to Building a Bug Bounty Program With HackerOne

June 6th, 2024

Learn the value of bug bounty for your security program and how to launch and manage a successful BBP with HackerOne.

Exposure Management

3 Bug Bounty Lessons From Retail & eCommerce Customers

May 31st, 2024

Learn 3 bug bounty lessons from HackerOne Retail & eCommerce customers.

Exposure Management

HackerOne Spot Checks for On-Demand, Targeted Security Testing

May 28th, 2024

HackerOne Spot Checks: a specialized capability to bridge the gap between limited resources and thorough security.

Exposure Management

What Is a Vulnerability Disclosure Program and Do You Need One?

May 14th, 2024

Are you wondering about Vulnerability Disclosure Programs (VDPs)? Here’s why you need one, and instructions on starting one or improving your current process.

Ethical hackers working on election security

Security Compliance

Exposure Management

How Ethical Hackers Are Securing Elections

May 14th, 2024

Election technology manufacturers teamed up with ethical hackers to secure elections.

Exposure Management

How Serialized Cookies Led to RCE on a WordPress Website

May 9th, 2024

Learn first-hand from a hacker about a Wordpress remote code execution vulnerability: how to identify it, its risks, and remediation.

Hacker discovering prompt injection vulnerability

Exposure Management

How a Prompt Injection Vulnerability Led to Data Exfiltration

April 29th, 2024

As the use of GenAI and LLMs has ramped up, so have the vulnerabilities that come with them, and one of the worst is prompt injection.

Exposure Management

Human-Powered Security: The Value of Ethical Hackers & Bug Bounty

April 23rd, 2024

Who is an ethical hacker, what is a bug bounty program, and why is human-powered security the best method for strengthening your security posture?