HackerOne

How Hackers—the Best Kept Secret in Cybersecurity—Can Help Your Organization Protect its Assets and Improve Security

HAC Security@

Last week, HackerOne held its fifth annual one-of-a-kind global Security@ conference featuring the best-kept secret in cybersecurity—hackers. 

HackerOne CEO, Marten Mikos, kicked us off by talking about the last year in cybersecurity. 

“New and significant attacks related to high-profile supply chain vulnerabilities, misconfiguration-led data breaches, and ransomware leave organizations with new vulnerabilities and third-party supplier risks. As a result, organizations seek a solution that can keep up with continuously evolving threats. Hackers can support organizations to scale cybersecurity efforts by providing continuous testing, finding vulnerabilities that scanners miss and that cybercriminals can exploit.”

HackerOne 5th Annual Security@—What We Learned

Our annual Security@ conference presented a wide range of sessions about how hackers can help mitigate risk and improve security. We were joined by sponsors AWS, SecurityScorecard, GitLab, HackEDU, customers, security executives, technical practitioners, expert hackers, and a record-breaking number of attendees.  

Over two days Security@ presented:

  • Customer speakers, including 
    • AWS, Costa Coffee, DoD DC3, Elastic, GitHub, GitLab, GoCardless, Google, HackEDU, HR Block, Intel, Next, OP Financial, PayPal, Riot Games,  Shopify, Trustpilot, UiPath, Visa, Zebra Technologies
  • Presentations including
    • Securing the Software Supply Chain with Hacker-Powered Security - As more organizations become digital-native and open source and third-party software become integral parts of software supply chains, there are also new vulnerabilities and weaknesses. Working with hackers allows organizations to protect their supply chains and scale their security programs across business transformation.
    • How Hackers Can Strengthen Cloud Application Security - Digital transformation means more cloud adoption and deployments, diversifying the attack surface. Yet, cloud skills are scarce, with 451 Research finding that 86% of companies experience a skills gap for implementing cloud. HackerOne customer Josh Bressers, Product Security Lead at Elastic, joined us for a Fireside Chat. By working with hackers, Elastic is able to manage risk better and scale security as they transform their business into a new digital ecosystem. 
    • From Disclosure to Pentest: Embedding Hackers at Each Step of the Development Lifecycle - HackerOne customer Zebra Technologies’ CSO Mike Zachman joined us for a Fireside Chat. He shared how Zebra’s work with hackers has allowed them to shift security priorities in alignment with the current threat landscape. Hackers became integral at all points of their development life, allowing them to create an end-to-end security process, and develop a great partnership between security and engineering. For Zebra, this means speed to value and the benefit of moving quickly to enroll products. They save time vetting and discovering vulnerabilities and can spend more time fixing and securing code. By working with hackers at all levels of security and development, they ensure greater security across the entire product lifecycle and deliver faster, better, and more secure products to customers.
  • EMEA and NA regional roundtable discussions

This conference had something for everyone, and we recorded every session. Attendees learned—and those who watch the recorded sessions—can learn how the best-kept secret in cybersecurity can help address all cybersecurity concerns from cloud security to DevSecOps, to securing the supply chain. Mitigate risk, implement continuous security testing at every product lifecycle stage, create strategic security programs, and train internal security teams. Learn from HackerOne hackers, customers, partners, industry experts, and security executives to improve your organization’s security profile. 

If you weren’t able to attend or want to watch the sessions again? Click here to register for the recorded sessions that include all Q&As, discussions, sessions, and more. 

 

The 8th Annual Hacker-Powered Security Report

HPSR blog ad image