HackerOne
The HackerOne Blog
-
Why This Moment In Cybersecurity Needs Hackers To Protect All Software
Originally published in Security Magazine. When the pandemic hurled us into a cybersecurity crisis, there were some who held out hope that things would eventually return to normal. By now, we know...
-
Ethical Hacking: Unveiling the Power of Hacking for Good in Cybersecurity
In an era where data breaches and cyberattacks dominate headlines, a new and unconventional approach to cybersecurity has emerged, challenging traditional notions of protection. Ethical hacking,...
-
The Hacker Perspective on Generative AI and Cybersecurity
Future Risk Predictions: In a recent presentation at Black Hat 2023, HackerOne Founder, Michiel Prins, and hacker, Joseph Thacker aka @rez0, discussed some of the most impactful risk predictions...
-
You're Doing Pentesting Wrong
Pentesting has been around for decades, but it hasn’t undergone the revolution that other security practices have. Organizations tend to rely on pentesting as a tool to just “check-the-box” for...
-
VDPs Are Good For the Government — and Good For Business
Federal contractors play a critical role in supporting the U.S. government. Because of their access to federal systems and data, they have the potential to impact the security of the nation’s...
-
How Ethical Hackers Are Helping Security Leaders Navigate the Budget Crunch
Over the course of a few weeks, we had conversations with 50+ CISOs and security leaders from a wide range of industries, organization sizes, and geographic locations to find out how they balance...
-
Are You Ready for the New NIST Control Around Public Disclosure Programs?
Let’s first define what we’re talking about when we refer to these NIST controls. NIST 800-53 is a popular framework for security programs globally and also acts as the baseline control set for...
-
New SEC Cyber Rules Incentivize Proactive Security Measures
SEC’s Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule: The SEC’s final rule is aimed at helping investors make informed investment decisions by providing them...
-
HackerOne and the OWASP Top 10 for LLM: A Powerful Alliance for Secure AI
Browse by LLM vulnerability: Prompt Injection, Insecure Output Handling, Training Data Poisoning, Model Denial of Service, Supply Chain Vulnerabilities, Sensitive Information Disclosure, Insecure...
-
Company Update
HackerOne CEO, Marten Mickos, emailed the following note to employees on August 2, 2023. H1 Team, I have made the painful and necessary decision to undertake a restructuring and we will reduce the...
-
Strengthening the SDLC with Security Advisory Services (SAS)
What Is Security Advisory Services (SAS)? Security Advisory Services (SAS) is a value optimization service designed to help our customers maximize the return on investment of their HackerOne...
-
Amazon's Security Researcher Collaboration: Highlights from H1-213
-
Zoom and Salesforce: The Role of Hackers in Addressing Security Challenges
This is where ethical hackers come in. During a recent panel at Infosecurity Europe, we heard from security professionals at Zoom and Salesforce, as well as hacker Tom Anthony, about the...
-
Five Takeaways from Ohio Secretary of State's VDP Success Story
Recently, Ohio Secretary of State Chief Information Security Officer Jillian Burner, and HackerOne Co-founder and Head of Professional Services, Michiel Prins presented at the 46th annual IACA...
-
Security Should Never Sleep: Adopting Continuous Testing for Evolving Threats
Creating Continuous Attack Resistance: In order to stay ahead of cybercriminals, businesses need to preemptively find flaws in their digital landscape that a bad actor would exploit. Periodic...
-
Generative AI and Security: HackerOne's Predictions
Offensive AI Will Outpace Defensive AI: In the short term, and possibly indefinitely, we will see offensive or malicious AI applications outpace defensive ones that use AI for stronger security....
-
Takeaways from a Conversation Between Hackers and Program Managers
In our web event “Getting Vulnerable”, we brought together program managers Jill Moné-Corallo from GitHub, Garrett McNamara from ServiceNow, and Ansgar Pfeifer and Matthew Bryant (aka Mandatory)...
-
Grammarly CISO Suha Can Discusses the Impact of Preemptive Security with HackerOne
The allure of generative AI and the importance of the basics. While the advent of generative AI poses new challenges, it's important not to neglect the fundamentals. Implementing measures like...
-
Seven Essential Components Of A Top-Tier Attack Surface Management Program
1. Discover and Import: Maintaining an up-to-date inventory of all your internet-facing assets is crucial for effective risk management. HackerOne automates continuous attack surface...