HackerOne Team

  • HackerOne Announces a New Customer Pentest Setup that's More Efficient and Speeds Time to Launch

    This improved experience reduces time to launch, which is vital when your organization is up against an urgent timeline to complete a pentest due to a recent acquisition, a security breach,...

  • Why HackerOne Acquired Pull Request and What It Means to Our Customers

    Security vulnerabilities are a significant workflow disruption when discovered near the end of development. Vulnerabilities found after release are a bigger problem. Depending on the severity,...

  • Announcing the Results of the 12-month DIB-VDP Pilot

    Learn more about the DoD DIB-VDP Pilot here.

  • How Wix Improves Their Security Posture with Ethical Hackers

    Reducing risk is fundamental to Wix’s approach to cybersecurity, and as the threat landscape evolves, they turn to HackerOne Bounty to protect their security posture. Since 2018, Wix has invited...

  • Announcing the HackerOne 2022 Attack Resistance Report: A Security Survey—How to Close Your Organization's Attack Resistance Gap

    Today, HackerOne published The 2022 Attack Resistance Report: A HackerOne Security Survey. Our research revealed an increasing gap—the attack resistance gap—between what organizations can defend...

  • How Ethical Hackers Help A.S. Watson Address Digital Risk

    A.S. Watson Group knows this as well as anyone. As the world’s largest international health and beauty retailer, they are in charge of the security for a footprint that includes more than 16,400...

  • Preventing Compromised Password Reuse on HackerOne.com

    This week, we rolled out an improvement to account security on the HackerOne website. We now block the use of any password known to have been compromised in major data breaches. This applies to...

  • Shifting Left with Ethical Hackers: A Q&A with GitLab

    We sat down with James Ritchey, Application Security Team Manager at GitLab and a three-year member of HackerOne’s Technical Advisory Board. James talked about how GitLab is shifting left to bring...

  • Donating Bounties to Humanitarian Efforts in Ukraine

    In 2020, we launched the Hack for Good program to allow ethical hackers to donate their bounties to charitable causes. With the world's eyes on the invasion of Ukraine, we are inviting hackers to...

  • Addressing the Security Gap in High Velocity Modern Application Development Cycles

    In November and December 2021, ESG interviewed HackerOne customers from three companies. Discussions centered on how they are adapting their application security programs.

  • Securing Digital Transformation with Vulnerability Disclosure: A Q&A with John Deere CISO, James Johnson

    John Deere’s CISO, James Johnson, and his team are committed to ensuring that the people who depend on John Deere for their livelihood rest easy knowing their information and products are secure....

  • Nine Months into the DIB-VDP Pilot, Nearly 1,000 Valid Vulnerabilities Have Been Identified

    Maintaining the security of the digital assets within the Defense Industrial Base (DIB) contractor networks helps defend the United States of America. For the last nine months, Department of...

  • 2022 Buyer’s Guide to Pentesting - How to Choose and Assess the Ideal Pentest Solution for Your Organization’s Needs

    Pentests are a foundational requirement for any security program, and come in multiple forms. Our Hacker-Powered pentests can uncover critical findings that traditional pentests often miss. Learn abou

  • The HackerOne Global Top 10—Hacker Expertise, Industry Data, and Up-to-Date Vulnerabilities

    Many security teams use the OWASP Top 10 as a guideline to understand where they should focus their security strategies and cyberattack prevention efforts. The OWASP Top 10 originated in 2003 and...

  • Log4Shell: Attack Evolution

    For many security teams, the holiday season was spoiled by the challenging remediation of Log4Shell. The affected Log4j software is ubiquitous in web applications, making this one of the most...

  • Log4j Vulnerability Activity on the HackerOne Platform

    December 17th Update: Vulnerabilities in Log4j have been evolving over the course of this week since the original disclosure of CVE-2021-44228, also known as Log4Shell. There is now a second...

  • De-Risk Your Supply Chain with Security Ratings & Vulnerability Detection (video, 55:33)

  • Common Vulnerability Scoring System [CVSS] | A Complete Explanation

    What Is the Common Vulnerability Scoring System? CVSS is a free and open industry standard for assessing the severity of computer system security vulnerabilities. It produces a numerical score to...

  • Hacker-Powered Security Report: Industry Insights '21

  • How Hackers Help Organizations Face New Attack Vectors and Build Stronger Security Programs

    The topics they explored included the success of their long-running bug bounty programs in discovering security vulnerabilities, how to explain program value to C-suite executives, and why...
