Blog

Home > Blog

Blog

Browse by Category

Recent Posts

What Happens in Vegas...Stays on Hacktivity

H1-702 was HackerOne’s second annual live-hacking event held in Las Vegas. It’s hosted during Security Summer Camp: Where security teams, hackers, feds, and fans attend the trifecta of events: Black Hat, DEF CON, and BSides Las Vegas.

HackerOne
Read More

Interview with Hack the Air Force Winner, @CableJ

HackerOne recently sat down with Jack, who found 30 unique valid vulnerabilities during “Hack the Air Force” bug bounty challenge, making him the top hacker for the program.

HackerOne
Read More

Key Findings From The Hacker-Powered Security Report: Security Vulnerabilities Worry Companies the Most (6 of 6)

We surveyed our customers to see what their security focus is. Read the summarized data of our survey results that are published in the Hacker-Powered Security Report.

Luke Tucker
Read More

Capture The Flag Solution: reversing the password

Last week, a mini Capture The Flag (CTF) was posted about a criminal who changed Barry’s password. The challenge was to come up with the password the criminal chose. This blog will explain how the CTF could be solved.

Jobert Abma
Read More

Vulnerability Disclosure Policy Basics: 5 Critical Components

Vulnerabilities are found every day by security researchers, friendly hackers, customers, academics, journalists, and tech hobbyists. Because no system is entirely free of security issues, it's important to provide an obvious way for external parties to report vulnerabilities.

Luke Tucker
Read More

Aim High...Find, Fix, Win!

It took just under a minute for hackers to report the first security vulnerability to the U.S. Air Force. Twenty-five days later when the Hack the Air Force bug bounty challenge concluded, 207 valid vulnerabilities had been discovered. Hackers will be awarded more than $130,000 for making the Air Force more secure.

HackerOne
Read More

Key Findings From The Hacker-Powered Security Report: Vulnerability Disclosure Policies (5 of 6)

The Hacker-Powered Security Report found that, despite increased bug bounty program adoption and recommendations from federal agencies, 94 percent of the top publicly-traded companies do not have known vulnerability disclosure policies (VDP).

Luke Tucker
Read More

5 Hacker-Powered Trends You Need to Know About

For your quick reference, we’ve distilled the Hacker-Powered Security Report to 5 key trends that show how white-hat hackers are shaping the world of security.

HackerOne
Read More

Key Findings From The Hacker-Powered Security Report: Bounty Payments Are Increasing (4 of 6)

As you can imagine, money talks. Better hackers — those with more experience and in-demand skills — go where the money is, and that means organizations that pay more generally get access to the best talent.

Luke Tucker
Read More

How to: Recon and Content Discovery

Recon plays a major role while hacking on a program.  Recon doesn’t always mean to find subdomains belonging to a company, it also could relate to finding out how a company is setting up its properties and what resources they are using.

HackerOne
Read More