HackerOne Blog

The latest from HackerOne

A Call for a New Cybersecurity Measurement Standard

February 26th, 2025

Cybersecurity initiatives provide financial value to organizations. Still, translating the benefits of cybersecurity into dollars and cents has long been a challenge for security teams.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Government agency implementing Zero Trust with a VDP

Security Compliance

Public Policy

How VDP Aligns With Zero Trust

November 20th, 2023

A core component of Zero Trust is enabling external testers to validate the continuous security of external-facing assets, like through a VDP.

Security Compliance

Public Policy

Fortifying Assets for SEC Compliance with HackerOne

November 16th, 2023

After the SEC's recent charges against SolarWinds, publicly traded companies need robust cybersecurity risk management.

Meet the Talent Strategy Team

November 15th, 2023

Our understanding of leadership and employee needs and the ability to build learning and development...

A security team prioritizing vulnerability management

Exposure Management

Vulnerability Prioritization: Severity Does Not Mean Priority

November 14th, 2023

A data-informed prioritization strategy is integral to ensuring remediation efforts are practical — and severity does not always mean priority.

Security Compliance

Public Policy

2024 Budget Planning: Preparing For U.S. Mandates to Implement Vulnerability Disclosure Policies (VDPs)

November 9th, 2023

U.S. policymakers are increasingly encouraging and mandating public and private sector organizations to enhance their cybersecurity programs by adopting VDPs. Have you planned for a VDP in next year’s budget?

Offensive Security

What Is the Difference Between Pentesting and Bug Bounty?

November 8th, 2023

Do pentesting and bug bounties serve the same purpose or complement each other? Let’s explore the four different approaches to pentests and the key differences between bug bounty and pentesting.

Exposure Management

5 Common Mistakes When Running a Bug Bounty Program

October 31st, 2023

Why do organizations experience challenges when running bug bounty programs?

Crowdsourced Security

Salesforce Teams Up With All-Star Hackers at H1-4420

October 30th, 2023

Salesforce and HackerOne joined 45 of the world’s best ethical hackers in London for a live hacking event.

HackerOne using GenAI for vulnerability detection and remediation

Responsible AI at HackerOne

October 25th, 2023

At HackerOne, we are combining human intelligence with artificial intelligence at scale to improve the efficiency of people and unlock entirely new capabilities.