HackerOne Blog

Public Policy

Digital background

Why Reauthorizing CISA 2015 Is Critical to the AI Action Plan

July 24th, 2025

CISA 2015 is the backbone of public-private cybersecurity collaboration. As Congress faces reauthorization, here's why letting it lapse would put defenders, and national security, at risk.

Read Now

All

AI

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Computer screen showing budgeting sheet

Security Compliance

2024 Budget Planning: Preparing For U.S. Mandates to Implement Vulnerability Disclosure Policies (VDPs)

November 9th, 2023

U.S. policymakers are increasingly encouraging and mandating public and private sector organizations to enhance their cybersecurity programs by adopting VDPs. Have you planned for a VDP in next year’s budget?

A lock with a colorful color overlay

Security Compliance

VDPs Are Good For the Government — and Good For Business

August 28th, 2023

Congress recently introduced the Federal Cybersecurity Vulnerability Reduction Act.

Graphic showing the new SEC cybersecurity rule

Security Compliance

New SEC Cyber Rules Incentivize Proactive Security Measures

August 9th, 2023

SEC’s Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule The SEC’s final rule is...

Governments Across The World Are Mandating Vulnerability Disclosure So Why Are Companies Sitting On Their Hands?

Security Compliance

GUEST BLOG: Governments Across The World Are Mandating Vulnerability Disclosure So Why Are Companies Sitting On Their Hands?

May 24th, 2023

The IoT Security Foundation’s fifth annual report into the state of vulnerability disclosure consumer Internet...

FDA's New Cybersecurity Requirements: Are You Prepared as a Medical Device Manufacturer?

Security Compliance

FDA's New Cybersecurity Requirements: Are You Prepared as a Medical Device Manufacturer?

May 12th, 2023

Where To Begin? Companies submitting products for FDA approval must do the following: Provide details...

HackerOne Responds To The Review of The UK’s Computer Misuse Act (CMA)

Security Compliance

HackerOne Responds To The Review of The UK’s Computer Misuse Act (CMA)

April 19th, 2023

By Ilona Cohen, Chief Policy Officer, and Michael Woolslayer, Policy Counsel The U.K. is in...

HackerOne - Blog Header Image

Security Compliance

Cyber Regulations Can Make Our Nation Safer

March 29th, 2023

While a largely voluntary approach to critical infrastructure cybersecurity has led to some improvements, a...

Zero Trust Mandate

Security Compliance

How Human Security Testing Helps the U.S. Government’s Zero Trust Mandate

January 9th, 2023

One major reason for the progress is a May 2021 Executive Order that pushes federal...