HackerOne Blog

Public Policy

Digital background

Why Reauthorizing CISA 2015 Is Critical to the AI Action Plan

July 24, 2025

CISA 2015 is the backbone of public-private cybersecurity collaboration. As Congress faces reauthorization, here's why letting it lapse would put defenders, and national security, at risk.

Read Now

All

AI

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Fortifying Assets for SEC Compliance

Security Compliance

Fortifying Assets for SEC Compliance with HackerOne

November 16, 2023

After the SEC's recent charges against SolarWinds, publicly traded companies need robust cybersecurity risk management.

Computer screen showing budgeting sheet

Security Compliance

2024 Budget Planning: Preparing For U.S. Mandates to Implement Vulnerability Disclosure Policies (VDPs)

November 9, 2023

U.S. policymakers are increasingly encouraging and mandating public and private sector organizations to enhance their cybersecurity programs by adopting VDPs. Have you planned for a VDP in next year’s budget?

A lock with a colorful color overlay

Security Compliance

VDPs Are Good For the Government — and Good For Business

August 28, 2023

Congress recently introduced the Federal Cybersecurity Vulnerability Reduction Act.

Graphic showing the new SEC cybersecurity rule

Security Compliance

New SEC Cyber Rules Incentivize Proactive Security Measures

August 9, 2023

SEC’s Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule The SEC’s final rule is...

Governments Across The World Are Mandating Vulnerability Disclosure So Why Are Companies Sitting On Their Hands?

Security Compliance

GUEST BLOG: Governments Across The World Are Mandating Vulnerability Disclosure So Why Are Companies Sitting On Their Hands?

May 24, 2023

The IoT Security Foundation’s fifth annual report into the state of vulnerability disclosure consumer Internet...

FDA's New Cybersecurity Requirements: Are You Prepared as a Medical Device Manufacturer?

Security Compliance

FDA's New Cybersecurity Requirements: Are You Prepared as a Medical Device Manufacturer?

May 12, 2023

Where To Begin? Companies submitting products for FDA approval must do the following: Provide details...

HackerOne Responds To The Review of The UK’s Computer Misuse Act (CMA)

Security Compliance

HackerOne Responds To The Review of The UK’s Computer Misuse Act (CMA)

April 19, 2023

By Ilona Cohen, Chief Policy Officer, and Michael Woolslayer, Policy Counsel The U.K. is in...

HackerOne - Blog Header Image

Security Compliance

Cyber Regulations Can Make Our Nation Safer

March 29, 2023

While a largely voluntary approach to critical infrastructure cybersecurity has led to some improvements, a...

Zero Trust Mandate

Security Compliance

How Human Security Testing Helps the U.S. Government’s Zero Trust Mandate

January 9, 2023

One major reason for the progress is a May 2021 Executive Order that pushes federal...