HackerOne Blog

Return on Mitigation

Code Security

Code

The Cost Savings of Fixing Security Flaws in Development

February 25th, 2025

There’s no debate that catching and fixing security flaws in development saves time, money, and stress.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Exposure Management

Return on Mitigation

When Discovery Is Cheap, Validation Is Priceless for Reducing Risk

March 26th, 2026

AI is making vulnerability discovery cheap. CTEM only reduces risk when teams validate exploitability, remediate, and retest to prove fixes hold.

Return on Mitigation

Hai

Turning Risk Reduction into a Living Metric: The RoM Dashboard is Here

August 4th, 2025

Security leaders face a constant challenge: how do you prove the value of your cybersecurity...

Return on Mitigation

Calculating Cybersecurity ROI with Return on Mitigation (RoM)

July 1st, 2025

Explore how Return on Mitigation (RoM) reframes cybersecurity ROI by highlighting the cost savings of proactive defense with a real-world example.

Return on Mitigation

Making the Business Case for AI Security: How to Show Value with Return on Mitigation

June 3rd, 2025

Struggling to explain security ROI? Learn how Return on Mitigation (RoM) quantifies AI security risks in financial terms.

Return on Mitigation

Calculate Return on Mitigation (RoM) With Hai

March 13th, 2025

Return on Mitigation (RoM) changes that. By calculating the cost savings of fixing vulnerabilities before...

Return on Mitigation

From the CEO

A Call for a New Cybersecurity Measurement Standard

February 26th, 2025

Cybersecurity initiatives provide financial value to organizations. Still, translating the benefits of cybersecurity into dollars and cents has long been a challenge for security teams.

Return on Mitigation

Code Security

Code

The Cost Savings of Fixing Security Flaws in Development

February 25th, 2025

There’s no debate that catching and fixing security flaws in development saves time, money, and stress.

Return on Mitigation

Security Research

A New Approach to Proving Cybersecurity Value (That Isn’t ROI)

February 14th, 2025

Over the past 8 months, Luke (hakluke) Stephens and I have spoken with 10 security...

What’s Next on HackerOne, Plus a Live Security ROI Workshop | On-demand Webinar

Read more about What’s Next on HackerOne, Plus a Live Security ROI Workshop | On-demand Webinar