HackerOne

The HackerOne Blog

  • Why This Moment In Cybersecurity Needs Hackers To Protect All Software

    Originally published in Security Magazine. When the pandemic hurled us into a cybersecurity crisis, there were some who held out hope that things would eventually return to normal. By now, we know...

  • Ethical Hacking: Unveiling the Power of Hacking for Good in Cybersecurity

    In an era where data breaches and cyberattacks dominate headlines, a new and unconventional approach to cybersecurity has emerged, challenging traditional notions of protection. Ethical hacking,...

  • The Hacker Perspective on Generative AI and Cybersecurity

    Future Risk Predictions: In a recent presentation at Black Hat 2023, HackerOne Founder, Michiel Prins, and hacker, Joseph Thacker aka @rez0, discussed some of the most impactful risk predictions...

  • You're Doing Pentesting Wrong

    Pentesting has been around for decades, but it hasn’t undergone the revolution that other security practices have. Organizations tend to rely on pentesting as a tool to just “check-the-box” for...

  • VDPs Are Good For the Government — and Good For Business

    Federal contractors play a critical role in supporting the U.S. government. Because of their access to federal systems and data, they have the potential to impact the security of the nation’s...

  • How Ethical Hackers Are Helping Security Leaders Navigate the Budget Crunch

    Over the course of a few weeks, we had conversations with 50+ CISOs and security leaders from a wide range of industries, organization sizes, and geographic locations to find out how they balance...

  • Are You Ready for the New NIST Control Around Public Disclosure Programs?

    Let’s first define what we’re talking about when we refer to these NIST controls. NIST 800-53 is a popular framework for security programs globally and also acts as the baseline control set for...

  • New SEC Cyber Rules Incentivize Proactive Security Measures

    SEC’s Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule: The SEC’s final rule is aimed at helping investors make informed investment decisions by providing them...

  • HackerOne and the OWASP Top 10 for LLM: A Powerful Alliance for Secure AI

    Browse by LLM vulnerability: Prompt Injection, Insecure Output Handling, Training Data Poisoning, Model Denial of Service, Supply Chain Vulnerabilities, Sensitive Information Disclosure, Insecure...

  • Company Update

    HackerOne CEO, Marten Mickos, emailed the following note to employees on August 2, 2023. H1 Team, I have made the painful and necessary decision to undertake a restructuring and we will reduce the...

  • Strengthening the SDLC with Security Advisory Services (SAS)

    What Is Security Advisory Services (SAS)? Security Advisory Services (SAS) is a value optimization service designed to help our customers maximize the return on investment of their HackerOne...

  • Amazon's Security Researcher Collaboration: Highlights from H1-213

  • Zoom and Salesforce: The Role of Hackers in Addressing Security Challenges

    This is where ethical hackers come in. During a recent panel at Infosecurity Europe, we heard from security professionals at Zoom and Salesforce, as well as hacker Tom Anthony, about the...

  • Five Takeaways from Ohio Secretary of State's VDP Success Story

    Recently, Ohio Secretary of State Chief Information Security Officer Jillian Burner, and HackerOne Co-founder and Head of Professional Services, Michiel Prins presented at the 46th annual IACA...

  • Security Should Never Sleep: Adopting Continuous Testing for Evolving Threats

    Creating Continuous Attack Resistance: In order to stay ahead of cybercriminals, businesses need to preemptively find flaws in their digital landscape that a bad actor would exploit. Periodic...

  • Generative AI and Security: HackerOne's Predictions

    Offensive AI Will Outpace Defensive AI: In the short term, and possibly indefinitely, we will see offensive or malicious AI applications outpace defensive ones that use AI for stronger security....

  • Takeaways from a Conversation Between Hackers and Program Managers

    In our web event “Getting Vulnerable”, we brought together program managers Jill Moné-Corallo from GitHub, Garrett McNamara from ServiceNow, and Ansgar Pfeifer and Matthew Bryant (aka Mandatory)...

  • Grammarly CISO Suha Can Discusses the Impact of Preemptive Security with HackerOne

    The allure of generative AI and the importance of the basics. While the advent of generative AI poses new challenges, it's important not to neglect the fundamentals. Implementing measures like...

  • Seven Essential Components Of A Top-Tier Attack Surface Management Program

    1. Discover and Import: Maintaining an up-to-date inventory of all your internet-facing assets is crucial for effective risk management. HackerOne automates continuous attack surface...
