Addressing the Security Gap in High Velocity Modern Application Development Cycles

February 11, 2022 HackerOne Team

Share this Article
Facebook
Twitter
Email
LinkedIn

In November and December 2021, ESG interviewed HackerOne customers from three companies. Discussions centered on how they are adapting their application security programs as they undergo business transformation, moving workloads to the cloud for faster development cycles. These interviews of CISOs and security engineers covered the tools and processes they have in place, the effectiveness of their programs, and their strategies for filling in any gaps.

Donating Bounties to Humanitarian Efforts in Ukraine

In 2020, we launched the Hack for Good program to allow ethical hackers to donate their bounties to charita...

Securing Digital Transformation with Vulnerability Disclosure: A Q&A with John Deere CISO, James Johnson

John Deere’s CISO, James Johnson, and his team are committed to ensuring that the people who depend on John...

Get the whitepaper

First Name

Last Name

Company

Thank you!

Error - something went wrong!

Most Recent Articles

Hack My Career: Meet Frances H

Addressing the Security Gap in High Velocity Modern Application Development Cycles

Previous Article

Next Article

Most Recent Articles

Did you always think you would work in the technology industry?After finishing my undergraduate degree at UC Berkeley, I began working at the San Francisco SPCA, thinking one day I would become a...

SOC 2 compliance is based on evaluating a set of Trust Services Criteria (TSC). These criteria are grouped into five categories and are evaluated against the organization’s objectives:Security:...

What Is an Ethical Hacker?An ethical hacker is a cybersecurity professional who uses their skills and knowledge in hacking to identify vulnerabilities and weaknesses in computer systems, networks,...

“Capital One puts the security of our customers and our systems at the forefront of everything we do. Live Hacking Events are a key component of our robust security testing strategy and are a...

MultiplyingAt HackerOne, we use the Spotify Engineering Framework, meaning we work in Squads. Each Squad is a mini-team focused on specific tasks, like a small startup within the company.The...

What Is a Prompt?A prompt is an instruction that you give to an LLM to retrieve the information that you need or to have the LLM perform the task that you’d like it to do. There are so many things...

Q: What is the Ambassador World Cup?The Ambassador World Cup is HackerOne’s annual year-long competition for our Brand Ambassador Program. Formatted like the FIFA World Cup, it’s designed to bring...

But it’s not your fault. It’s not just a matter of having a bad attitude or needing to “do better.” There’s always a reason behind these feelings. Perhaps you don’t feel like you’re growing in the...

In Part 1 of our Pre-Pentest Checklist Series, we explored the foundational aspects of pentesting—focusing on the "what" and "why" to ensure your pentest not only meets compliance standards but...

Brian Krebs has reported that "Those sources said the breach appears to have started when the attackers somehow gained access to the company’s code repository at Gitlab, and that in that...

Each year, HackerOne employees nominate peers to receive the covetable Values Awards. Five Hackeronies are recognized for their unique contribution to our company's success, and their dedication...

Race condition vulnerabilities make up less than 0.3% of reports on the HackerOne platform. However, researchers have recently been particularly interested in experimenting with race condition...

We’ve all been stuck in ineffective 1:1s. There was no clear agenda and the only thing you spoke about was the last episode of Succession, the other person arrived late, or it was canceled last...

Flexibility RedefinedOne of the advantages of digital first work is the flexibility it offers employees. Our recent employee engagement survey tells us that flexibility is important to working at...

Effectiveness: Effectiveness measures the method's ability to provide reliable and accurate vulnerability detections, comprehensive system coverage, compliance with standards, and a diverse...

Each year, HackerOne employees nominate peers to receive the covetable Values Awards. Five Hackeronies are recognized for their unique contribution to our company's success, and their dedication...

This is an overview of the conversation and some of the best practices shared when creating a remote workplace. Listen to the full episode and learn how to align your executive team around your...

The Significance of Credential RotationsIn today's digital landscape, the significance of regular credential rotations cannot be overstated. Unfortunately, not all organizations recognize the...

The Significance of Credential RotationsIn today's digital landscape, the significance of regular credential rotations cannot be overstated. Unfortunately, not all organizations recognize the...

We spoke with Spencer Chin, Director of North America Sales Engineering at HackerOne, and Jasmin Landry, Senior Director at Nasdaq and HackerOne penetration tester. Together, they have helped...