HackerOne Blog

The latest from HackerOne

Finding Fast, Fixing Slow: The Rising Exposure Debt

May 6, 2026

Vulnerability submissions are up 76%. Unresolved criticals grew 25x. HackerOne platform data reveals a widening remediation gap that security teams can't afford to ignore.

Read Now

All

CTEM

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

HackerOne News

Exposure Management

Introducing the HackerOne Champion Program and Our First Champion of the Quarter

February 19, 2026

Meet HackerOne’s first Champion of the Quarter: Erika Voss. A candid Q&A on customer trust, operational discipline, and proving progress with metrics.

Exposure Management

CTEM

Hai

56% Faster Validation: An Agentic Workflow for Continuous Exposure Reduction

February 18, 2026

Reduce exposure time with agentic validation powered by Hai. Cut triage noise, prove real risk, and accelerate remediation in a continuous CTEM loop.

Exposure Management

CTEM

Triage

Internal vs. Expert Triage: Why the Vulnerability Management Method You Pick Matters

February 12, 2026

Internal triage sounds simple, but volume and noise break workflows. Compare in-house vs expert triage for validated signal, faster fixes, and reduced risk.

Crowdsourced Security

Bug Bounty

How Santa Clara University Scales Security With a Small Team and Big Community

February 3, 2026

Santa Clara University scaled security with a student-driven bug bounty program and HackerOne support, improving visibility across campus systems.

Hai

How Shopify Responded When the AI Attack Surface Outpaced Security

February 3, 2026

Shopify used agentic AI to support bug bounty triage, reaching inbox zero and speeding validation and analyst onboarding while keeping humans in control.

Offensive Security

CTEM

Pentest as a Service

Pentesting Must Evolve: Continuous Validation at AI Scale, Expert Verified

January 26, 2026

Traditional pentests can’t keep pace with modern development. Agentic Pentest as a Service delivers continuous, human-validated security at scale.

Offensive Security

Pentest as a Service

The Agents Behind Hackerone Agentic PTaaS: Proven, Scalable, and Benchmarked

January 26, 2026

HackerOne Agentic PTaaS delivers continuous pentesting with autonomous agents and human verification, backed by safe orchestration and repeatable benchmarks.

Exposure Management

AI Security Testing Is the Maturity Milestone for Modern Organizations

January 15, 2026

As AI-related vulnerabilities surge, security testing becomes the maturity milestone that separates early adopters from AI-mature organizations.

Security Research

104 Hacking Tools and Resources

January 14, 2026

Updated list of 104 hacking tools and resources for security researchers, covering web proxies, recon, API testing, mobile, cloud, and more.