HackerOne Blog

The latest from HackerOne

7 Predictions Defining the Move to Always-On Cybersecurity in 2026

December 9th, 2025

Security leaders forecast 2026 as the year CTEM becomes essential, with AI-driven threats, agentic security, and continuous validation reshaping cyber risk.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Offensive Security

AWS Security Configuration Review and Best Practices

October 23rd, 2024

Learn the ins and outs of AWS security configuration testing and why community-driven PTaaS is the best method.

Exposure Management

OWASP Top 10: The Risk of Cryptographic Failures

October 21st, 2024

Cryptographic failures: what are they and why are they considered so concerning by the OWASP Top 10?

Exposure Management

Vulnerability Deep Dive: Gaining RCE Through ImageMagick With Frans Rosen

October 17th, 2024

The file upload vulnerability type is as broad in scope as the number of different...

Public Policy

How To Use HackerOne’s Global Vulnerability Policy Map

October 14th, 2024

Use HackerOne's Global Vulnerability Policy Map to keep up with evolving VDP mandates and recommendations.

Public Policy

European Council Adopts Cyber Resilience Act

October 11th, 2024

Learn about the EU Council's Cyber Resilience Act, where we're headed, and what we believe should happen next.

Measure Your AI Risk Preparedness with This Interactive Self-Assessment Tool

October 10th, 2024

Learn how HackerOne's AI Risk Readiness Self-Assessment Tool helps measure your AI security and compliance preparedness.

Culture & Talent

The Recruitment Process: What to Expect When You Apply at HackerOne

October 9th, 2024

If you’re considering applying, here’s a look at what you can expect from the process...

Offensive Security

Pentesting for Internal Networks

October 9th, 2024

Learn how to optimize internal network pentesting through community-driven pentesting as a service (PTaaS).

Security researcher finding IDOR vulnerability

Exposure Management

Offensive Security

How an IDOR Vulnerability Led to User Profile Modification

October 8th, 2024

Learn the ins and outs of IDOR vulnerabilities and how one exploitation led to malicious user profile modification.