Blog Posts
The latest & greatest from the HackerOne blog.
-
Read ArticleWhy Every Federal Agency Needs a VDP
"The decision to require that every agency have a vulnerability disclosure policy is a major step forward in both increasing security and extending an open hand to a community that is on the front...
-
Read ArticleGitLab Celebrates Awarding $1 Million in Bounties to Hackers on HackerOne
Not every bug bounty program is built the same. Today, GitLab announced that they have surpassed the milestone of awarding out $1 million in bug bounties to hackers on HackerOne for discovering...
-
Read ArticleHackerOne Launches Bug Bounty Program for Kubernetes
The Kubernetes bug bounty program was announced today, after months of running in a ‘beta’ mode with invite-only researchers. The goal of the program is to secure one of the most widely used open...
-
Read ArticleHacking for Good
We start the new year of 2020 with great prospects. First of all, 2019 turned out to be a massive success for hacker-powered security. HackerOne paid out over $35,000,000 in bounties to hackers...
-
Read ArticleThis Season, Give the Gift of Data-Driven Insight
It’s that time of the year again. Time to dig out your wrinkled “No, I can’t fix your computer” t-shirt from the bottom of the drawer. You can avoid Uncle John's curiosity about the best free...
-
Read ArticleGitLab's Public Bug Bounty Program Turns One
This guest blog post was authored by GitLab Senior Application Security Engineer Juan Broullon and originally published on the GitLab security blog. One year ago today, we launched our public bug...
-
Read ArticleUsing Bug Bounty Talent Pools to Attract and Maintain Top Talent
Security leaders today face a complex set of talent challenges—from training on the latest attack vectors, to finding talent with the right skills, to preventing burnout. HackerOne demonstrates...
-
Read ArticleTransparency Builds Trust
Someone called it a “breach,” and the world took notice. Here is the story. There is no trust without transparency. For us at HackerOne, it is a company value we live every day. Any valid...
-
Read ArticleHow Bug Bounties Help You Shift Left
For many organizations, the days when security acted as a final “check-in” are disappearing faster than the guacamole at a Super Bowl party. Nowadays, cloud, agile, DevOps, and CI/CD pipelines...
-
Read ArticleHackerOne is a 2019 Cyber Catalyst Designated Cybersecurity Solution
HackerOne has been chosen as a 2019 Cyber CatalystSM designated cybersecurity solution. HackerOne Bounty was selected by Cyber Catalyst insurers as a solution that can have a meaningful impact on...
-
Read Article8 High-impact Bugs and How HackerOne Customers Avoided a Breach: SQL Injection
This blog series counts down 8 high-impact vulnerability types, along with examples of how HackerOne helped avoid breaches associated with them. This blog, the third in the series, looks at SQL...
-
Read ArticleHow the Risk-Averse DoD Learned to Stop Worrying and Love the Hackers
There are few, if any, organizations more risk-averse than the U.S. Department of Defense. But even this staid agency has realized the security benefits of working with hackers, such as saving...
-
Read ArticleThe World's Elite Hackers Share Tips and Insights
As many hackers on the HackerOne platform know, you can make a good living out of bug-hunting. But a few of our hackers have made a really good living. Bloomberg Tech Editor Aki Ito moderated a...
-
Read ArticleLINE Launches Public Bug Bounty Program: Q&A with Security Engineer Robin Lunde
LINE Corporation is one of the most popular messaging applications in Asia Pacific, serving millions of users in countries including Japan, Thailand, Indonesia, Taiwan, and India to name a few....
-
Read ArticleSupporting the Source: Why HackerOne is Upgrading its Free Tools for Open Source
Protecting open source is our social responsibility and essential to internet well being. We believe this is important and essential. Open source software powers HackerOne. It powers our...
-
Read ArticleAnnouncing Program Audit Log
As our customers’ security teams grow, it’s important for us to sustain their growth with new features. Today we’re announcing the Program Audit Log. It enables customers to audit important...
-
Read ArticleReducing Risk With a Bug Bounty Program
Data breaches can cost millions in damages and fines and have a devastating impact on customer trust, reputation, and finances. The Information Commissioner Office (ICO) in the United Kingdom (UK)...
-
Read ArticleU.S. Department of Defense VDP Wins Prestigious 2019 DoD Chief Information Officer Award
This guest blog post was contributed by the U.S. Department of Defense (DoD) Cyber Crime Center (DC3) public affairs team. On Nov. 3, 2019 in the Pentagon Auditorium, the DoD Cyber Crime Center...
-
Read ArticleHacking the Singapore Government: A Q&A With A Top Hacker & MINDEF 2.0 Results
On Friday, HackerOne announced the results of the second bug bounty challenge with the Ministry of Defence, Singapore (MINDEF). The three-week challenge ran from September 30, 2019 to October 21,...
-
Read Article8 High-Impact Bugs and How HackerOne Customers Avoided a Breach: Information Disclosure
This blog series counts down 8 high-impact vulnerability types, along with examples of how HackerOne helped avoid breaches associated with them. This is the second in the series after we kicked...
-
Loading More...
