HackerOne Blog

The latest from HackerOne

Finding Fast, Fixing Slow: The Rising Exposure Debt

May 6, 2026

Vulnerability submissions are up 76%. Unresolved criticals grew 25x. HackerOne platform data reveals a widening remediation gap that security teams can't afford to ignore.

Read Now

All

CTEM

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Code Security

Secure Markdown Rendering in React: Balancing Flexibility and Safety

December 1, 2023

In the realm of web development, the use of Markdown for content creation has become...

Code Security

Golang's Improper Error Handling: A Subtle Path to Security Vulnerabilities

November 29, 2023

Golang, known for its simplicity and efficiency, often catches developers off guard with its unique...

Code Security

Tackling the Goliath: Effective Strategies for Reviewing Large Codebases

November 29, 2023

Understanding the Challenge In an ideal world, code reviews are concise, focused, and manageable. However...

Mercado Libre working with ethical hackers in their public bug bounty program

Exposure Management

Mercado Libre’s Journey to a Public Bug Bounty Program

November 28, 2023

HackerOne is delighted to announce the launch of Mercado Libre’s Public Bug Bounty Program.

Code Security

Secure and Effective Logging in Golang: Best Practices and Tools

November 27, 2023

Logging is an essential aspect of software development, serving as a window into the operational...

Code Security

Why You Should Use Pull Requests: A Developer's Essential Tool

November 26, 2023

In the ever-evolving landscape of software development, the efficient management of code changes is a...

Women in cybersecurity at the Glass Firewall Conference

Inaugural Glass Firewall Conference Invites Women to Learn About Cybersecurity

November 21, 2023

The inaugural Glass Firewall Conference: Breaking Bytes and Barriers was sponsored by Capital One, GitHub, and HackerOne.

Government agency implementing Zero Trust with a VDP

Security Compliance

Public Policy

How VDP Aligns With Zero Trust

November 20, 2023

A core component of Zero Trust is enabling external testers to validate the continuous security of external-facing assets, like through a VDP.

Security Compliance

Public Policy

Fortifying Assets for SEC Compliance with HackerOne

November 16, 2023

After the SEC's recent charges against SolarWinds, publicly traded companies need robust cybersecurity risk management.