Blog Posts

The latest & greatest from the HackerOne blog.

  • Hacker Spotlight AMA: debsec

    Hacker Spotlight AMA: debsec

    From hobbyist to professional, Eduardo is passionate about hacking the world. Hailing from Chile, Eduardo joined HackerOne as @debsec in 2019 and has proven his expertise by diving deep into one...

    Read Article
  • HackerOne Product Enhancements Help Detect, Remediate, and Analyze Cloud Misconfigurations

    HackerOne Product Enhancements Help Detect, Remediate, and Analyze Cloud Misconfigurations

    The cloud has emerged as the operational backbone of modern enterprises, yet 95 percent of cloud security issues are a direct result of misconfiguration according to Gartner. Today, HackerOne...

    Read Article
  • Why we sold our founding vulnerability as an NFT

    Why we sold our founding vulnerability as an NFT

    HackerOne listed our founding vulnerability as an NFT on OpenSea and donated the proceeds — 3.3 ETH / $7,086.19 — to Hack the Hood. Today, we sat down with co-founder Michiel Prins to talk about...

    Read Article
  • Hacker Spotlight AMA: none_of_the_above

    Hacker Spotlight AMA: none_of_the_above

    From full stack developer to full-time bug bounty hunter, Leandro — or @none_of_the_above — from Buenos Aires, Argentina has had an extensive technical career that has set him on a rapid rise on...

    Read Article
  • Reddit’s Public Bug Bounty Program Kicks Off: Q&A with Reddit’s Allison Miller and Spencer Koch, and top program hacker @renekroka

    Reddit’s Public Bug Bounty Program Kicks Off: Q&A with Reddit’s Allison Miller and Spencer Koch, and top program hacker @renekroka

    After three years running a successful private bug bounty program on HackerOne, Reddit has announced that it’s taking their bug bounty program public. We sat down with Reddit’s CISO and VP of...

    Read Article
  • Hacker Spotlight AMA: niemand_sec

    Hacker Spotlight AMA: niemand_sec

    From when he was 14 years old, Joel — better known as @niemand_sec on HackerOne — has always been passionate about hacking and the community. After studying engineering in university, Joel...

    Read Article
  • Security@ 2021 Call for Speakers is Open

    Security@ 2021 Call for Speakers is Open

    HackerOne’s global Security@ conference is back for its fifth year on September 20, 2021. Today, we’ve opened our call for speakers! Are you interested in sharing learnings and best practices from...

    Read Article
  • Hacker Spotlight: Interview with edduu

    Hacker Spotlight: Interview with edduu

    Pentester, security consultant, and trainer by day and bug hunter by night, @edduu is an all around security expert.    Edduu started hacking at the age of 13 with genuine curiosity and a love...

    Read Article
  • The Rise of IDOR

    The Rise of IDOR

    Insecure Direct Object References (or IDOR) is a simple bug that packs a punch. When exploited, it can provide attackers with access to sensitive data or passwords or give them the ability to...

    Read Article
  • Hacker Spotlight: Interview with manoelt

    Hacker Spotlight: Interview with manoelt

    Avid Capture the Flag (CTF) player, part-time bug bounty hunter, pentester, and master in software engineering, @manoelt is a jack of all trades in security! He has won three HackerOne Capture the...

    Read Article
  • PayPal is our Virtual Pal

    PayPal is our Virtual Pal

    In June, sixty-one hackers from thirteen countries gathered (virtually) to hack digital payments platform PayPal as part of HackerOne’s latest virtual hacking event, h1-2006. Hackers disclosed...

    Read Article
  • Hacker Spotlight: Interview with p3rr0

    Hacker Spotlight: Interview with p3rr0

    Based in Santa Fe, Argentina, Hector (or p3rr0 on HackerOne) had no idea what bug bounties were until he stumbled upon Santiago Lopez’ story in a local newspaper. At first, he thought the...

    Read Article
  • Hacker Spotlight: Interview with Samux

    Hacker Spotlight: Interview with Samux

    @Samux or Samuel Orellana has been hacking on HackerOne since 2016, but he’s been in the industry long before that. A resident pentester, Samux is also an avid bug bounty hunter, hacking on large...

    Read Article
  • Discovering Three Personas within the Hacker Community

    Discovering Three Personas within the Hacker Community

    With over one million hackers making up the HackerOne community, there’s more diversity of skill, approach, and personality than any security team in the world. At the launch of the 2021 Hacker...

    Read Article
  • Hacker Spotlight: Interview with bugdiscloseguys

    Hacker Spotlight: Interview with bugdiscloseguys

    Harsh Jaiswal or @bugdiscloseguys has been an avid HackerOne hacker since he signed up in January 2016. Since he originally discovered hacking from Facebook, he has sharpened his application...

    Read Article
  • Commerce Giant Shopify Kicks Off 2021 with HackerOne (Virtual) Live Hacking Event: h1-2102

    Commerce Giant Shopify Kicks Off 2021 with HackerOne (Virtual) Live Hacking Event: h1-2102

    As one of the largest commerce platforms in the world, Shopify leads the industry when it comes to trust and security. Their long standing bug bounty program started on HackerOne in 2015 and...

    Read Article
  • Hacker Spotlight: Interview with Geekboy

    Hacker Spotlight: Interview with Geekboy

    From Mumbai, India, @geekboy shares his story on how he became an ethical hacker, security analyst, and now co-founder of ProjectDiscovery - an open-source software company simplifying security...

    Read Article
  • The Rise of Misconfiguration and Supply Chain Vulnerabilities

    The Rise of Misconfiguration and Supply Chain Vulnerabilities

    Singapore-based telecom firm, Singtel, revealed last week it had suffered a security breach as a result of relying on an unpatched legacy file sharing product. The breach has compromised not only...

    Read Article
  • Hacker Spotlight: Interview with dkd

    Hacker Spotlight: Interview with dkd

    With over 400 vulnerabilities submitted, it’s no secret that @dkd is an awesome hacker. His testimonials and Thanks received including being ranked #1 on Mavelink’s program speaks volumes to his...

    Read Article
  • Hacker Spotlight: Interview with notnaffy

    Hacker Spotlight: Interview with notnaffy

    Shubham Shah (@notnaffy) started hacking because he was driven to beat his brother in video games. He was a full-time bug bounty hunter for several years and his competitive nature then drove him...

    Read Article
  • loading
    Loading More...