HackerOne Blog

The latest from HackerOne

A Call for a New Cybersecurity Measurement Standard

February 26th, 2025

Cybersecurity initiatives provide financial value to organizations. Still, translating the benefits of cybersecurity into dollars and cents has long been a challenge for security teams.

Read Now

All

Culture and Talent

Customer Stories

Engineering

From The CEO

News & Updates

Public Policy

Researcher Community

AI Safety & Security

Security Compliance

A Partial Victory for AI Researchers

January 10th, 2025

What is the Digital Millennium Copyright Act and what are the implications of its recent ruling for AI researchers?

Best Practices

Vulnerability Management

ROI Isn’t Cutting It: 6 Questions to Help CISOs Better Quantify Security Investments

January 7th, 2025

However, in cybersecurity, quantifying net profit becomes significantly more complex due to the intangible nature...

AI Safety & Security

Vulnerability Management

The OWASP Top 10 for LLMs 2025: How GenAI Risks Are Evolving

December 18th, 2024

The new OWASP Top 10 for LLMs is here. How has it changed, and how can organizations prevent GenAI risks?

Vulnerability Management

Breaking Down the OWASP Top 10: Insecure Design

December 17th, 2024

Learn about the different types of insecure design vulnerabilities and how to identify them.

AI Safety & Security

New York Releases AI Cybersecurity Guidance: What You Need to Know

December 16th, 2024

What does New York's new AI Cybersecurity Guidance mean for financial institutions and other regulated companies?

Vulnerability Management

Penetration Testing

Azure Cloud Configuration Review

December 13th, 2024

Learn the testing methodologies and security best practices for Azure Cloud Configuration Review.

Vulnerability Management

Bug Bounty

How a Privilege Escalation Led to Unrestricted Admin Account Creation in Shopify

December 12th, 2024

This Shopify privilege escalation vulnerability could have resulted in the creation of unrestricted admin accounts.

Vulnerability Management

How Crypto and Blockchain Organizations Manage Complex Attack Surfaces With Competitive Security Testing Programs

December 12th, 2024

What makes securing crypto and blockchain organizations so different than other industries? Let's look at the data.

Vulnerability Management

Bug Bounty

Introducing the Wells Fargo Public Bug Bounty Program

December 10th, 2024

Wells Fargo announces its public bug bounty program after several years of engaging the HackerOne community.