Blog Posts

The latest & greatest from the HackerOne blog.

  • Why Every Federal Agency Needs a VDP

    "The decision to require that every agency have a vulnerability disclosure policy is a major step forward in both increasing security and extending an open hand to a community that is on the front...

  • GitLab Celebrates Awarding $1 Million in Bounties to Hackers on HackerOne

    Not every bug bounty program is built the same. Today, GitLab announced that they have surpassed the milestone of awarding out $1 million in bug bounties to hackers on HackerOne for discovering...

  • HackerOne Launches Bug Bounty Program for Kubernetes

    The Kubernetes bug bounty program was announced today, after months of running in a ‘beta’ mode with invite-only researchers. The goal of the program is to secure one of the most widely used open...

  • Hacking for Good

    We start the new year of 2020 with great prospects. First of all, 2019 turned out to be a massive success for hacker-powered security. HackerOne paid out over $35,000,000 in bounties to hackers...

  • This Season, Give the Gift of Data-Driven Insight

    It’s that time of the year again. Time to dig out your wrinkled “No, I can’t fix your computer” t-shirt from the bottom of the drawer. You can avoid Uncle John's curiosity about the best free...

  • GitLab's Public Bug Bounty Program Turns One

    This guest blog post was authored by GitLab Senior Application Security Engineer Juan Broullon and originally published on the GitLab security blog. One year ago today, we launched our public bug...

  • Using Bug Bounty Talent Pools to Attract and Maintain Top Talent

    Security leaders today face a complex set of talent challenges—from training on the latest attack vectors, to finding talent with the right skills, to preventing burnout. HackerOne demonstrates...

  • Transparency Builds Trust

    Someone called it a “breach,” and the world took notice. Here is the story. There is no trust without transparency. For us at HackerOne, it is a company value we live every day. Any valid...

  • How Bug Bounties Help You Shift Left

    For many organizations, the days when security acted as a final “check-in” are disappearing faster than the guacamole at a Super Bowl party. Nowadays, cloud, agile, DevOps, and CI/CD pipelines...

  • HackerOne is a 2019 Cyber Catalyst Designated Cybersecurity Solution

    HackerOne has been chosen as a 2019 Cyber Catalyst℠ designated cybersecurity solution. HackerOne Bounty was selected by Cyber Catalyst insurers as a solution that can have a meaningful impact on...

  • 8 High-impact Bugs and How HackerOne Customers Avoided a Breach: SQL Injection

    This blog series counts down 8 high-impact vulnerability types, along with examples of how HackerOne helped avoid breaches associated with them. This blog, the third in the series, looks at SQL...

  • How the Risk-Averse DoD Learned to Stop Worrying and Love the Hackers

    There are few, if any, organizations more risk-averse than the U.S. Department of Defense. But even this staid agency has realized the security benefits of working with hackers, such as saving...

  • The World's Elite Hackers Share Tips and Insights

    As many hackers on the HackerOne platform know, you can make a good living out of bug-hunting. But a few of our hackers have made a really good living. Bloomberg Tech Editor Aki Ito moderated a...

  • LINE Launches Public Bug Bounty Program: Q&A with Security Engineer Robin Lunde

    LINE Corporation is one of the most popular messaging applications in Asia Pacific, serving millions of users in countries including Japan, Thailand, Indonesia, Taiwan, and India to name a few....

  • Supporting the Source: Why HackerOne is Upgrading its Free Tools for Open Source

    Protecting open source is our social responsibility and essential to internet well being. We believe this is important and essential. Open source software powers HackerOne. It powers our...

  • Announcing Program Audit Log

    As our customers’ security teams grow, it’s important for us to sustain their growth with new features. Today we’re announcing the Program Audit Log. It enables customers to audit important...

  • Reducing Risk With a Bug Bounty Program

    Data breaches can cost millions in damages and fines and have a devastating impact on customer trust, reputation, and finances. The Information Commissioner's Office (ICO) in the United Kingdom (UK)...

  • U.S. Department of Defense VDP Wins Prestigious 2019 DoD Chief Information Officer Award

    This guest blog post was contributed by the U.S. Department of Defense (DoD) Cyber Crime Center (DC3) public affairs team. On Nov. 3, 2019 in the Pentagon Auditorium, the DoD Cyber Crime Center...

  • Hacking the Singapore Government: A Q&A With A Top Hacker & MINDEF 2.0 Results

    On Friday, HackerOne announced the results of the second bug bounty challenge with the Ministry of Defence, Singapore (MINDEF). The three-week challenge ran from September 30, 2019 to October 21,...

  • 8 High-Impact Bugs and How HackerOne Customers Avoided a Breach: Information Disclosure

    This blog series counts down 8 high-impact vulnerability types, along with examples of how HackerOne helped avoid breaches associated with them. This is the second in the series after we kicked...
