HackerOne Blog

The latest from HackerOne

A Call for a New Cybersecurity Measurement Standard

February 26th, 2025

Cybersecurity initiatives provide financial value to organizations. Still, translating the benefits of cybersecurity into dollars and cents has long been a challenge for security teams.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Public Policy

Response

AI Red Teaming

What Security Leaders Need to Know About the UK’s Updated Cyber Framework

August 26th, 2025

Learn how the UK’s CAF v4.0 updates impact cybersecurity risk assessment and what security leaders need to know. Get actionable insights.

Code Security

Code

Scaling Expert Oversight of AI: HackerOne's Human-in-the-Loop Methodology

August 21st, 2025

How HackerOne Code scales secure AI with HiTL validation, combining expert oversight, Explainable AI, and continuous feedback loops.

Code

How HackerOne Uses AI to Triage, Prioritize, and Validate Code Scanner Findings at Scale

August 21st, 2025

AI-powered validation cuts through scanner noise, helping dev teams triage, prioritize, and remediate code vulnerabilities faster.

AI Red Teaming

DEF CON 33: Field Notes on AI Security, AI Red Teaming, and the Road Ahead

August 21st, 2025

DEF CON 33 revealed where AI security is headed: continuous testing, hybrid models, and agentic systems. See the key takeaways.

HackerOne News

AI Red Teaming

LLMs adversarial testing with HackerOne: Join the CTF!

August 19th, 2025

Push the limits of AI safety in [ai_gon3_rogu3], a 10-day CTF by HackerOne & HTB. Register now to test and break LLMs in real adversarial scenarios.

Cloud Security

Pentest as a Service

GCP Security Configuration Review and Best Practices

August 7th, 2025

HackerOne's community-driven Pentest as a Service (PTaaS) uncovers vulnerabilities specific to Google Cloud, leveraging expert methodologies and tailored testing approaches.

Public Policy

Belgium’s NIS2 Transposition: A Practical Model for other EU States

August 6th, 2025

Belgium’s NIS2 Quick Start Guide and Cyber Fundamentals Framework simplify compliance. Learn why VDPs are now a legal requirement across the EU.

Offensive Security

Pentest as a Service

External Network Penetration Testing and Best Practices

August 6th, 2025

Learn how external network penetration testing hardens internet-facing assets. Get best practices, common risks, and how HackerOne PTaaS reduces risk fast.

HackerOne News

Platform

Hacking in the Age of AI: A New Way to Understand Human + Machine Contributions

August 5th, 2025

The HackerOne leaderboard now distinguishes between individual researchers and AI-powered collectives, bringing more clarity and transparency to security contributions.