HackerOne Blog

The latest from HackerOne

A Call for a New Cybersecurity Measurement Standard

February 26th, 2025

Cybersecurity initiatives provide financial value to organizations. Still, translating the benefits of cybersecurity into dollars and cents has long been a challenge for security teams.

Read Now

All

Culture and Talent

Customer Stories

Engineering

From The CEO

News & Updates

Public Policy

Researcher Community

Vulnerability Management

OWASP Top 10: The Risk of Cryptographic Failures

October 21st, 2024

Cryptographic failures: what are they and why are they considered so concerning by the OWASP Top 10?

Vulnerability Management

Vulnerability Deep Dive: Gaining RCE Through ImageMagick With Frans Rosen

October 17th, 2024

The file upload vulnerability type is as broad in scope as the number of different...

How To Use HackerOne’s Global Vulnerability Policy Map

October 14th, 2024

Use HackerOne's Global Vulnerability Policy Map to keep up with evolving VDP mandates and recommendations.

European Council Adopts Cyber Resilience Act

October 11th, 2024

Learn about the EU Council's Cyber Resilience Act, where we're headed, and what we believe should happen next.

AI Safety & Security

Measure Your AI Risk Preparedness with This Interactive Self-Assessment Tool

October 10th, 2024

Learn how HackerOne's AI Risk Readiness Self-Assessment Tool helps measure your AI security and compliance preparedness.

The Recruitment Process: What to Expect When You Apply at HackerOne

October 9th, 2024

If you’re considering applying, here’s a look at what you can expect from the process...

Penetration Testing

Pentesting for Internal Networks

October 9th, 2024

Learn how to optimize internal network pentesting through community-driven pentesting as a service (PTaaS).

Security researcher finding IDOR vulnerability

Vulnerability Management

Penetration Testing

How an IDOR Vulnerability Led to User Profile Modification

October 8th, 2024

Learn the ins and outs of IDOR vulnerabilities and how one exploitation led to malicious user profile modification.

Ethical hacker finding broken access control vulnerabilities

How To Find Broken Access Control Vulnerabilities in the Wild

September 30th, 2024

Learn the ins and outs of broken access control vulnerabilities and how to find them in your security research.