HackerOne
The HackerOne Blog
-
The Cost Savings of Fixing Security Flaws in Development
When security incidents from software defects happen, retrospectives often tell the story of heroic remediation in the form of a few hundred lines of code (or less) but maximum organizational...
-
A New Approach to Proving Cybersecurity Value (That Isn’t ROI)
Over the past 8 months, Luke (hakluke) Stephens and I have spoken with 10 security executives, surveyed over 550 security professionals, and incorporated insights from HackerOne’s CISO Advisory...
-
Celebrating 10 Years of Partnership: Snap and HackerOne Reach $1M in Bounties
Q: Tell us about your role at Snap and why cybersecurity is vital to your business. Jim Higgins: I’m Snap's Chief Information Security Officer (CISO). Before joining Snap, I served as CISO at...
-
Women@ Kicks Off the Year with a Vision Board Event
For the first meeting of the year, we swapped spreadsheets for inspiration boards. We hosted a Virtual Vision Board Activity—a creative and interactive way to set our intentions for 2025 while...
-
Gain Actionable, Data-backed Insights with HackerOne Recommendations
Meet HackerOne Recommendations: a built-in intelligence layer that continuously refines your security program, delivering personalized insights and your program's historical performance. Eliminate...
-
Welcome, Hackbots: How AI Is Shaping the Future of Vulnerability Discovery
In 2024, we saw the adoption of AI in hacking workflows take off. In a survey of over 2,000 security researchers on the HackerOne Platform, 20% now see AI as an essential part of their work, up...
-
DORA Compliance Is Here: What Financial Entities Should Know
What Does DORA Regulate? DORA applies to a wide range of financial entities operating in the EU, including banks, insurers, investment firms, and payment institutions, along with critical...
-
The HackerOne Cake Story
When Jobert and Michiel started their penetration testing consultancy, they ran into a frustrating reality. Convincing companies to trust two 18-year-olds without professional credentials or...
-
What Will a New Administration and Congress Mean for Cybersecurity and AI Regulation?
Much attention has been paid to the incoming administration’s stated intentions to roll back regulations, as well as their criticism of certain cybersecurity and artificial intelligence (AI)...
-
How HackerOne Reinvented Security for Developers
Workflow Integration: Code security tools need to be accessible in the toolkit developers already use and in the workflows they already know. Git pull/merge requests, the standard for peer review...
-
Hope in the Fight Against Cyber Threats: A New Year’s Message to CISOs
Facing the Reality: Cybersecurity’s Mounting Pressures: The cybersecurity landscape is evolving at an unprecedented pace. This past year, breaches resulting from exploited vulnerabilities grew 180%,...
-
Resurrecting Shift-Left With Human-in-the-loop AI
What’s Needed for Secure by Design Success: We spent years understanding the culprits of why “shift-left” controls fail to identify the principles needed for them to succeed. Success starts with a...
-
Introducing Lightspark's Public Bug Bounty Program
Expanding Our Bug Bounty Program: At Lightspark, we’ve always been focused on security that meets and exceeds industry standards. We’ve been partnering with HackerOne, the global leader in ethical...
-
A Partial Victory for AI Researchers
HackerOne has partnered with security and AI communities to advocate for stronger legal protections for independent researchers. Most recently, HackerOne participated in a workshop hosted by...
-
ROI Isn’t Cutting It: 6 Questions to Help CISOs Better Quantify Security Investments
However, in cybersecurity, quantifying net profit becomes significantly more complex due to the intangible nature of its benefits and the absence of direct revenue generation. Cybersecurity...
-
The OWASP Top 10 for LLMs 2025: How GenAI Risks Are Evolving
Here is HackerOne’s perspective on the Top 10 list for LLM vulnerabilities, how the list has changed, and what solutions can help secure against these risks. Browse by LLM vulnerability: Prompt...
-