HackerOne Blog

The latest from HackerOne

A Call for a New Cybersecurity Measurement Standard

February 26th, 2025

Cybersecurity initiatives provide financial value to organizations. Still, translating the benefits of cybersecurity into dollars and cents has long been a challenge for security teams.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Exposure Management

Vulnerability Deep Dive: Gaining RCE Through ImageMagick With Frans Rosen

October 17th, 2024

The file upload vulnerability type is as broad in scope as the number of different...

Public Policy

How To Use HackerOne’s Global Vulnerability Policy Map

October 14th, 2024

Use HackerOne's Global Vulnerability Policy Map to keep up with evolving VDP mandates and recommendations.

Public Policy

European Council Adopts Cyber Resilience Act

October 11th, 2024

Learn about the EU Council's Cyber Resilience Act, where we're headed, and what we believe should happen next.

Measure Your AI Risk Preparedness with This Interactive Self-Assessment Tool

October 10th, 2024

Learn how HackerOne's AI Risk Readiness Self-Assessment Tool helps measure your AI security and compliance preparedness.

Culture & Talent

The Recruitment Process: What to Expect When You Apply at HackerOne

October 9th, 2024

If you’re considering applying, here’s a look at what you can expect from the process...

Offensive Security

Pentesting for Internal Networks

October 9th, 2024

Learn how to optimize internal network pentesting through community-driven pentesting as a service (PTaaS).

Security researcher finding IDOR vulnerability

Exposure Management

Offensive Security

How an IDOR Vulnerability Led to User Profile Modification

October 8th, 2024

Learn the ins and outs of IDOR vulnerabilities and how one exploitation led to malicious user profile modification.

Ethical hacker finding broken access control vulnerabilities

Exposure Management

Security Research

How To Find Broken Access Control Vulnerabilities in the Wild

September 30th, 2024

Learn the ins and outs of broken access control vulnerabilities and how to find them in your security research.

Offensive Security

You're Doing Pentesting Wrong

September 30th, 2024

Pentesting is overdue for a refresh. Leveraging the power of the pentester community and the efficiency of a Pentest as a Service (PTaaS) platform, pentesting can add real value to your organization.