HackerOne Blog

The latest from HackerOne

6 Predictions Defining the Move to Always-On Cybersecurity in 2026

December 9th, 2025

Security leaders forecast 2026 as the year CTEM becomes essential, with AI-driven threats, agentic security, and continuous validation reshaping cyber risk.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

AI Red Teaming

Hai

The AI Security Playbook: Match Your Testing to Your Maturity

November 20th, 2025

AI systems demand more than one-off testing. See how to mature from reactive fixes to continuous assurance with layered AI security, safety, and trust practices.

Culture & Talent

Bug Bounty

Built, Not Born: From Curiosity to Cybersecurity

November 19th, 2025

A Botswana-born researcher shows how persistence, curiosity, and steady practice—not early access or talent—can build a career in cybersecurity.

From the CEO

AI Red Teaming

AI Security vs. AI Safety: Two Pillars CISOs Must Operationalize

November 18th, 2025

With 8 in 10 security leaders now concerned about AI risk, CISOs must unify AI Safety and Security to protect users, systems, and brand trust.

Hai

How Structured Intelligence Transforms Vulnerability Validation

November 12th, 2025

Structured intelligence turns vulnerability data into clear, defensible insights that accelerate remediation and strengthen security programs.

Exposure Management

Code

AI Code Review Should Operate Like an Engineer

November 10th, 2025

AI code review unites intelligent automation with expert oversight to strengthen software security from the first submission.

HackerOne News

Salesforce-Connected Third-Party Drift Application Incident Response Update

November 10th, 2025

HackerOne confirms limited data exposure from the Salesforce/Drift breach. No customer vulnerability data impacted. Investigation ongoing.

Hai

Turning Incomplete Submissions into Actionable Intelligence

November 5th, 2025

Turn incomplete submissions into actionable intelligence with agentic AI to streamline validation and collaboration.

Security Research

Hai

3 Signals You Can’t Ignore from the 2025 Hacker-Powered Security Report

November 4th, 2025

AI is reshaping cybersecurity. Explore key findings from experts on how researchers, automation, and human insight are redefining defense in 2025.

Culture & Talent

Crowdsourced Security

Bug Bounty

Roni Carta: From Bug Bounties to Building a Safer Supply Chain

October 30th, 2025

A young ethical researcher turned bug bounty reports into a software supply chain startup—no VC funding to date, just curiosity and community.