HackerOne

The HackerOne Blog

  • H1-702 Las Vegas Day 4: Switching Up Scopes

    It is a new day with new challenges. Scope has shifted for the next part of our LHE. Today, you can feel the focus. These hackers have been heads down since the get-go. This is day one of a two...
  • H1-702 Las Vegas Day 3: Switching Up Scopes

    It is a new day with new challenges. Scope has shifted for the next part of our LHE. Today, you can feel the focus. These hackers have been heads down since the get-go. This is day one of a two...
  • H1-702 Las Vegas Day 2: Hacking with Zoom!

    Welcome back to our first day of in-person hacking! We had some lovely people greeting you today for your check-in. Again, we want all of our hackers, staff, and guests safe in our time here. So,...
  • H1-702 Las Vegas Day 2: Hacking with Zoom

    Welcome back to our first day of in-person hacking! We had some lovely people greeting you today for your check-in. Again, we want all of our hackers, staff, and guests safe in our time here. So,...
  • H1-702 Las Vegas Day 3: Hacking with Zoom

    Welcome back to our first day of in-person hacking! We had some lovely people greeting you today for your check-in. Again, we want all of our hackers, staff, and guests safe in our time here. So,...
  • H1-702 Las Vegas Day Two: H@cktivity Con

    After a day of rest, we were ready to launch into our first day of H1-702! What makes today special is the return of H@cktivity Con, previously hosted virtually. This time around we had a...
  • H1-702 Las Vegas Day 2: H@cktivity Con

    After a day of rest, we were ready to launch into our first day of H1-702! What makes today special is the return of H@cktivity Con, previously hosted virtually. This time around we had a live...
  • H1-702 Las Vegas Day 1: H@cktivitycon

    After a day of prep, we were ready to launch into our first day of H1-702! What makes today special is the return of H@cktivitycon, previously hosted virtually. This time around we had a live...
  • H1-702 Las Vegas Day 0: Setup!

    Hackers! We have made it to Las Vegas! We are here for a live hacking event (LHE). All live hacking events are amazing, but this LHE has a special place in our hearts. This is H1-702, the largest...
  • H1-702 Las Vegas Day 0: Setup

    Hackers! We have made it to Las Vegas! We are here for a live hacking event (LHE). All live hacking events are amazing, but this LHE has a special place in our hearts. This is H1-702, the largest...
  • PayPal's Third LHE Brings Top Global Hackers to the Virtual Stage

    PayPal has been partnering with the hacker community since launching a bug bounty program in 2012 and in April 2022, they returned for their third live hacking event. As usual, PayPal showed up...
  • What Your Organization Gains by Understanding the Value of App Security Testing Averages

    Daily and weekly agile software releases include bug fixes and security patches alongside new functionality. As a result, new vulnerabilities are introduced daily, even as teams plug existing...
  • Benchmark Analysis: Annual Pentest and Code Review Coverage

    Security leaders often struggle to keep pace with the evolving nature of their respective attack surfaces. Many fall behind in their ability to identify and remediate critical vulnerabilities. An...
  • 5 Articles to Get You Up-to-Speed on Bug Bounty Programs

    This article shares five valuable resources about bug bounty programs, why they are useful, how to implement them, and how they can improve your organization’s security and...
  • Ten Rules to be Successful in Your Bug Bounty Career

    Bug bounty life comes with hidden pressures and common frustrations that require soft skills to navigate - which isn't something people often talk about. So, I've come up with "10 rules to be...
  • Security Highlights: New CWE Rankings, Software Supply Chains, and Side-Channel Attacks

    MITRE Releases 2022 CWE Top 25 The popular CWE Top 25 list, which ranks the most dangerous software vulnerabilities, has been updated for 2022. The CWE Top 25 is updated annually by The MITRE...
  • 5 Security Stages of the DevSecOps Pipeline

    5 Security Stages In-Depth A typical DevOps pipeline contains eight stages. The DevSecOps pipeline retains all of these and adds five more that are specific to security: 1. Threat...
  • Hacker's Health: Adverse Effects of Doomscrolling

    Question: "I spend the majority of my time researching and keeping up with current affairs. I don’t feel like anything is wrong, but then I find myself unable to move for hours. I will be sitting...
  • DevSecOps vs DevOps: What is the Difference?

    In this article, we’ll explain what DevSecOps is, how it differs from DevOps, and what security controls it should ideally incorporate. What is the Difference Between DevOps and DevSecOps? The...
  • HackerOne’s In-Depth Approach to Vulnerability Triage and Validation

    Like triaging in a hospital emergency room, security issues must be diagnosed and handled by an expert as soon as they arrive. But it doesn’t stop there. Just as an ER needs good doctors, a triage...