HackerOne Blog

Return on Mitigation

Code Security

Code

The Cost Savings of Fixing Security Flaws in Development

February 25th, 2025

There’s no debate that catching and fixing security flaws in development saves time, money, and stress.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Return on Mitigation

Hai

Turning Risk Reduction into a Living Metric: The RoM Dashboard is Here

August 4th, 2025

Security leaders face a constant challenge: how do you prove the value of your cybersecurity...

Return on Mitigation

Calculating Cybersecurity ROI with Return on Mitigation (RoM)

July 1st, 2025

Explore how Return on Mitigation (RoM) reframes cybersecurity ROI by highlighting the cost savings of proactive defense with a real-world example.

Return on Mitigation

Making the Business Case for AI Security: How to Show Value with Return on Mitigation

June 3rd, 2025

Struggling to explain security ROI? Learn how Return on Mitigation (RoM) quantifies AI security risks in financial terms.

Return on Mitigation

Calculate Return on Mitigation (RoM) With Hai

March 13th, 2025

Return on Mitigation (RoM) changes that. By calculating the cost savings of fixing vulnerabilities before...

Return on Mitigation

From the CEO

A Call for a New Cybersecurity Measurement Standard

February 26th, 2025

Cybersecurity initiatives provide financial value to organizations. Still, translating the benefits of cybersecurity into dollars and cents has long been a challenge for security teams.

Return on Mitigation

Code Security

Code

The Cost Savings of Fixing Security Flaws in Development

February 25th, 2025

There’s no debate that catching and fixing security flaws in development saves time, money, and stress.

Return on Mitigation

Security Research

A New Approach to Proving Cybersecurity Value (That Isn’t ROI)

February 14th, 2025

Over the past 8 months, Luke (hakluke) Stephens and I have spoken with 10 security...

2026 HackerOne RoM Webinar

This customer-only executive workshop focuses on Return on Mitigation as a fully quantifiable metric, now built directly into the HackerOne platform. Over the past year, RoM has evolved from a conceptual framework into a live, continuously updated dashboard that measures avoided financial loss from resolved vulnerabilities using validated program data, industry benchmarks, and customer-configurable risk inputs.

Read more about 2026 HackerOne RoM Webinar