Best Practices & Guidance
Advice and guidance from hacker-powered security experts.
-
Read MoreThe Hacker-Powered Security Report 2019
-
Read MoreThe Hacker-Powered Security Report 2019: Financial and Insurance
-
Read Article3 Ways Hacker-Powered Security Helps the Agile CISO
Security teams are challenged by the radical shifts in software development, from the fast pace and frequent releases to new languages and modern models. In that whirlwind, CISOs still have to...
-
Read ArticleBreaking Down the Benefits of Hacker-Powered Pentests
To produce their recent report “The Total Economic Impact Of HackerOne Challenge: Improved Security And Compliance”, Forrester Consulting interviewed customers that switched to HackerOne...
-
Read ArticleDon’t Believe These 4 Bug Bounty Myths
Bug Bounties have become rather popular lately. So have common misconceptions. We’re here to set the record straight. We sat down with Laurie Mercer, a security engineer at HackerOne, to tackle...
-
Read MoreTotal Economic Impact Study: HackerOne
Partnered content, this free study provides you with independent data and analysis to measure the value organizations could realize by moving from traditional penetration testing efforts to HackerOne.
-
Read More451 Group Report: Bug Bounties and the Path to Secure Software
Third-party analyst report on how to choose and run a bug bounty program.
-
Read MoreWorldwide Security Coverage for Unlimited Reach
Cybercriminals aren’t bound by borders, resulting in nearly $600 billion in losses every year. Hackers are your best defense against risks.
-
Read MoreVulnerability Disclosure Policy. What is it. Why you need one. How to get started.
This three-part series answers all your questions on VDP best practices.
-
Read MoreVulnerability Disclosure Policy Basics: 5 Critical Components
12-page booklet providing advice for creating a vulnerability disclosure page - along with great quotes about why this matters.
-
Read MoreGuidance for Financial Services on Vulnerability Disclosure Policy Basics
Specific to Finserv on details needed to implement a complete and compliant policy. Takes the VDP guide and updates with finserv intro and Goldman Sachs policy example
-
Read MoreThe Beginners' Guide to Hacker-Powered Security
17-page booklet that highlights how hacker-powered security can work alongside established security efforts.
-
Read MoreSecure from the Start: The Complete Guide for Entrepreneurs
Secure from the Start: The Complete Guide for Entrepreneurs summarizes the key security topics that every technology entrepreneur needs to understand.
-
Read MoreThe Hacker-Powered Security Report 2018: Financial Services + Insurance
Vulnerability data and hacker-powered security adoption metrics for the financial services industry.
-
Read MoreNext-Gen Application Security Launch Effective Agile Security for Agile Development
Improving application security by incorporating bug bounties and crowdsourced pen tests into DevOps pipeline.
-
Read MoreTop 20 Public Bug Bounty Programs
In this list, you’ll see which programs on the HackerOne platform ranked highest on the total amount of bounties awarded to hackers over the life of the program.
-
Read More7 Common Security Pitfalls to Avoid When Migrating to the Cloud
12-page booklet that defines the most common security pitfalls when migrating to the cloud and how to prevent security regression.
-
Read MoreYelp
Quick blog recap and linkout to the Yelp engineering blog after their first 100 days of their public program. Good analysis and comparison of private to public transition.
-
Read MoreWordpress
Q&A their security team lead did with us on the blog, reprinted
-
Read MoreThe Shopify Case Study
Follow Shopify's hacker-powered security journey from the beginning: how responding to an external developers vulnerability report evolved to the model public bug bounty program that it is today.
-
Loading More...
