HackerOne

It is a new day with new challenges. Scope has shifted for the next part of our LHE. Today, you can feel the focus. These hackers have been heads down since the get-go. This is day one of a two...

Welcome back to our first day of in-person hacking! We had some lovely people greeting you today for your check-in. Again, we want all of our hackers, staff, and guests safe in our time here. So,...

Welcome back to our first day of in-person hacking! We had some lovely people greeting you today for your check-in. Again, we want all of our hackers, staff, and guests safe in our time here. So,...

Welcome back to our first day of in-person hacking! We had some lovely people greeting you today for your check-in. Again, we want all of our hackers, staff, and guests safe in our time here. So,...

  After a day of rest, we were ready to launch into our first day of H1-702! What makes today special is the return of H@cktivity Con, previously hosted virtually. This time around we had a...

  After a day of rest, we were ready to launch into our first day of H1-702! What makes today special is the return of H@cktivity Con, previously hosted virtually. This time around we had a live...

  After a day of prep, we were ready to launch into our first day of H1-702! What makes today special is the return of H@cktivitycon, previously hosted virtually. This time around we had a live...

Hackers! We have made it to Las Vegas! We are here for a live hacking event (LHE). All live hacking events are amazing, but this LHE has a special place in our hearts. This is H1-702, the largest...

PayPal has been partnering with the hacker community since launching a bug bounty program in 2012 and in April 2022, they returned for their third live hacking event. As usual, PayPal showed up...

Daily and weekly agile software releases include bug fixes and security patches alongside new functionality. As a result, new vulnerabilities are introduced daily, even as teams plug existing...

Security leaders often struggle to keep pace with the evolving nature of their respective attack surfaces. Many fall behind in their ability to identify and remediate critical vulnerabilities. An...

This article shares five valuable resources about bug bounty programs, why they are useful, how to implement them, and how they can improve your organization’s security and...

Bug bounty life comes with hidden pressures and common frustrations that require soft skills to navigate - which isn't something people often talk about. So, I've come up with "10 rules to be...

MITRE Releases 2022 CWE Top 25 The popular CWE Top 25 list, which ranks the most dangerous software vulnerabilities, has been updated for 2022. The CWE Top 25 is updated annually by The MITRE...

  5 Security Stages In-Depth A typical DevOps pipeline contains eight stages. The DevSecOps pipeline retains all of these and adds five more that are specific to security: 1. Threat...

Question: "I spend the majority of my time researching and keeping up with current affairs. I don’t feel like anything is wrong, but then I find myself unable to move for hours. I will be sitting...

In this article, we’ll explain what DevSecOps is, how it differs from DevOps, and what security controls it should ideally incorporate. What is the Difference Between DevOps and DevSecOps? The...

Like triaging in a hospital emergency room, security issues must be diagnosed and handled by an expert as soon as they arrive. But it doesn’t stop there. Just as an ER needs good doctors, a triage...