HackerOne Blog

The latest from HackerOne

7 Predictions Defining the Move to Always-On Cybersecurity in 2026

December 9th, 2025

Security leaders forecast 2026 as the year CTEM becomes essential, with AI-driven threats, agentic security, and continuous validation reshaping cyber risk.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Offensive Security

Pentest as a Service

The Leading CISO Strategy to Pentest as a Service

July 17th, 2025

Security leaders are redefining penetration testing as a service to uncover vulnerabilities and protect every layer of enterprise risk.

Slopsquatting: AI's Contribution to Supply Chain Attacks

July 16th, 2025

As developers turn to AI tools to speed up coding, a new threat is emerging: slopsquatting. Learn how hallucinated package names in AI-generated code open the door to supply chain attacks, and what you can do to stop them.

Public Policy

The EU’s GPAI Code of Practice Highlights A Security-Centered Approach to AI

July 11th, 2025

The EU’s new GPAI Code lays out how to build AI responsibly, with a big focus on transparency, safety, and security. See why red teaming, bug bounties, and disclosure programs are becoming must-haves for AI developers.

8 AI Cybersecurity Concepts Every CISO Must Know: Insights from Anthropic and AWS

July 10th, 2025

Explore critical AI cybersecurity terms and concepts from our Anthropic and AWS webinar, boosting your understanding of vulnerabilities and safeguards.

Crowdsourced Security

Bug Bounty

Response

3 Crowdsourced Security Myths Are Holding You Back

July 9th, 2025

Leading CISOs are embracing crowdsourced security. Uncover 3 common myths and why ethical hackers are key to modern defense strategies.

Layers of Defense for AI Security Graphic

From the CEO

Rethinking Risk in the Age of AI

July 8th, 2025

AI is changing the attack surface. CISOs can respond with human-led testing, crowdsourced insight, and a new playbook for AI security.

Return on Mitigation

Calculating Cybersecurity ROI with Return on Mitigation (RoM)

July 1st, 2025

Explore how Return on Mitigation (RoM) reframes cybersecurity ROI by highlighting the cost savings of proactive defense with a real-world example.

Operationalizing Gartner TRiSM: Testing AI for Trust, Risk, and Security

June 27th, 2025

AI risks are systemic. Learn how to operationalize Gartner TRiSM framework with adversarial testing to validate and strengthen your AI security posture.

Crowdsourced Security

What We’ve Learned from 5 Months of Hackbot Activity

June 26th, 2025

AI-powered hackbots are capturing bounties and reshaping offensive security. Here’s what we’ve learned in 5 months—and how to prepare for what’s next.