HackerOne
The HackerOne Blog
-
On Writing Well as a Software Engineer
Though writing is a more creative process than writing code, it does not make it easier. It requires practice, repetition, feedback, and mastering the fundamentals to develop your writing. Let’s...
-
Re-live the Security@ magic in our on-demand video library!
Take me there! -
Accelerate Find-to-Fix Cycles With Hai
You can now streamline and enhance your vulnerability management process with HackerOne’s in-platform GenAI copilot, Hai. Hai delivers a deeper and more immediate understanding of the reports that...
-
Hack My Career: Meet Frances H
Did you always think you would work in the technology industry?After finishing my undergraduate degree at UC Berkeley, I began working at the San Francisco SPCA, thinking one day I would become a...
-
SOC 2 and Pentesting: What You Need to Know
SOC 2 compliance is based on evaluating a set of Trust Services Criteria (TSC). These criteria are grouped into five categories and are evaluated against the organization’s objectives:Security:...
-
Human-Powered Security: The Value of Ethical Hackers & Bug Bounty
What Is an Ethical Hacker?An ethical hacker is a cybersecurity professional who uses their skills and knowledge in hacking to identify vulnerabilities and weaknesses in computer systems, networks,...
-
Capital One Teams Up With Top-Tier Ethical Hackers at H1-305
“Capital One puts the security of our customers and our systems at the forefront of everything we do. Live Hacking Events are a key component of our robust security testing strategy and are a...
-
Code Reviews, Small Moments, Big Impacts
MultiplyingAt HackerOne, we use the Spotify Engineering Framework, meaning we work in Squads. Each Squad is a mini-team focused on specific tasks, like a small startup within the company.The...
-
AI Interaction Hacks: Tips and Tricks for Crafting Effective Prompts
What Is a Prompt?A prompt is an instruction that you give to an LLM to retrieve the information that you need or to have the LLM perform the task that you’d like it to do. There are so many things...
-
FAQ: Everything Hackers Need to Know About the 2024 Ambassador World Cup
Q: What is the Ambassador World Cup?The Ambassador World Cup is HackerOne’s annual year-long competition for our Brand Ambassador Program. Formatted like the FIFA World Cup, it’s designed to bring...
-
Getting Started on Personal Development
But it’s not your fault. It’s not just a matter of having a bad attitude or needing to “do better.” There’s always a reason behind these feelings. Perhaps you don’t feel like you’re growing in the...
-
Pre-Pentest Checklist Part 2: Essential Questions to Answer Before Your Next Pentest
In Part 1 of our Pre-Pentest Checklist Series, we explored the foundational aspects of pentesting—focusing on the "what" and "why" to ensure your pentest not only meets compliance standards but...
-
Making Sense of the Sisense News
Brian Krebs has reported that "Those sources said the breach appears to have started when the attackers somehow gained access to the company’s code repository at Gitlab, and that in that...
-
HackerOne Company Values Matter: Default to Disclosure
Each year, HackerOne employees nominate peers to receive the covetable Values Awards. Five Hackeronies are recognized for their unique contribution to our company's success, and their dedication...
-
How a Race Condition Vulnerability Could Cast Multiple Votes
Race condition vulnerabilities make up less than 0.3% of reports on the HackerOne platform. However, researchers have recently been particularly interested in experimenting with race condition...
-
A guide to get the most out of your One-on-Ones
We’ve all been stuck in ineffective 1:1s. There was no clear agenda and the only thing you spoke about was the last episode of Succession, the other person arrived late, or it was canceled last...
-
HackerOne Celebrates Global Work from Home Day
Flexibility RedefinedOne of the advantages of digital first work is the flexibility it offers employees. Our recent employee engagement survey tells us that flexibility is important to working at...
-
Decoding the Characteristics of Modern Pentesting: Value
Effectiveness: Effectiveness measures the method's ability to provide reliable and accurate vulnerability detections, comprehensive system coverage, compliance with standards, and a diverse...
-
HackerOne Company Values Matter: Lead with Integrity
Each year, HackerOne employees nominate peers to receive the covetable Values Awards. Five Hackeronies are recognized for their unique contribution to our company's success, and their dedication...
-
HackerOne’s Digital First Workplace
This is an overview of the conversation and some of the best practices shared when creating a remote workplace. Listen to the full episode and learn how to align your executive team around your...
-
The Importance of Credential Rotations: Best Practices for Security and Data Protection
The Significance of Credential RotationsIn today's digital landscape, the significance of regular credential rotations cannot be overstated. Unfortunately, not all organizations recognize the...
- Loading More...