HackerOne Blog

Public Policy

Why Reauthorizing CISA 2015 Is Critical to the AI Action Plan

July 24th, 2025

CISA 2015 is the backbone of public-private cybersecurity collaboration. As Congress faces reauthorization, here's why letting it lapse would put defenders, and national security, at risk.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Public Policy

What the UK’s New Cyber Security and Resilience Bill Means for Your Organization

December 11th, 2025

The UK’s Cyber Security and Resilience Bill expands NIS obligations, updates incident reporting, and raises expectations for resilience across digital services.

Public Policy

Pentest as a Service

CMMC 2.0 Final Rule: What Defense Contractors Need to Know

September 25th, 2025

The DoD has finalized CMMC 2.0. Learn what contractors must do to stay compliant with the new rule taking effect November 10, 2025.

Public Policy

Response

AI Red Teaming

What Security Leaders Need to Know About the UK’s Updated Cyber Framework

August 26th, 2025

Learn how the UK’s CAF v4.0 updates impact cybersecurity risk assessment and what security leaders need to know. Get actionable insights.

Public Policy

Belgium’s NIS2 Transposition: A Practical Model for other EU States

August 6th, 2025

Belgium’s NIS2 Quick Start Guide and Cyber Fundamentals Framework simplify compliance. Learn why VDPs are now a legal requirement across the EU.

Public Policy

What You Should Know About The Next Wave of EU AI Act Requirements

July 31st, 2025

Starting August 2, 2025, key EU AI Act requirements take effect, impacting high-risk AI systems and GPAI models. Learn how to align security with compliance.

Public Policy

Why Reauthorizing CISA 2015 Is Critical to the AI Action Plan

July 24th, 2025

CISA 2015 is the backbone of public-private cybersecurity collaboration. As Congress faces reauthorization, here's why letting it lapse would put defenders, and national security, at risk.

Public Policy

The EU’s GPAI Code of Practice Highlights A Security-Centered Approach to AI

July 11th, 2025

The EU’s new GPAI Code lays out how to build AI responsibly, with a big focus on transparency, safety, and security. See why red teaming, bug bounties, and disclosure programs are becoming must-haves for AI developers.

Public Policy

Promotion of AI Use by Government and Enhancing Security Are Key Themes Likely to Shape U.S. AI Action Plan

June 23rd, 2025

The Trump administration's AI policy is shaping up to prioritize responsible adoption by federal agencies and bolstered security for AI systems, with a focus on innovation, public trust, and national security.

Public Policy

To Attest or Not to Attest: Questions from the Trump Cyber Executive Order

June 18th, 2025

The new Trump cybersecurity EO rolls back secure software attestation rules—but VDPs remain vital. Here's what contractors and agencies need to know.