Code Reviews, Small Moments, Big Impacts
Multiplying: At HackerOne, we use the Spotify Engineering Framework, meaning we work in Squads. Each Squad is a mini-team focused on specific tasks, like a small startup within the company. The...
Read Article
AI Interaction Hacks: Tips and Tricks for Crafting Effective Prompts
What Is a Prompt? A prompt is an instruction that you give to an LLM to retrieve the information that you need or to have the LLM perform the task that you’d like it to do. There are so many things...
Read Article
FAQ: Everything Hackers Need to Know About the 2024 Ambassador World Cup
Q: What is the Ambassador World Cup? The Ambassador World Cup is HackerOne’s annual year-long competition for our Brand Ambassador Program. Formatted like the FIFA World Cup, it’s designed to bring...
Read Article
Getting Started on Personal Development
But it’s not your fault. It’s not just a matter of having a bad attitude or needing to “do better.” There’s always a reason behind these feelings. Perhaps you don’t feel like you’re growing in the...
Read Article
Pre-Pentest Checklist Part 2: Essential Questions to Answer Before Your Next Pentest
In Part 1 of our Pre-Pentest Checklist Series, we explored the foundational aspects of pentesting—focusing on the "what" and "why" to ensure your pentest not only meets compliance standards but...
Read Article
Making Sense of the Sisense News
Brian Krebs has reported that "Those sources said the breach appears to have started when the attackers somehow gained access to the company’s code repository at Gitlab, and that in that...
Read Article
HackerOne Company Values Matter: Default to Disclosure
Each year, HackerOne employees nominate peers to receive the covetable Values Awards. Five Hackeronies are recognized for their unique contribution to our company's success, and their dedication...
Read Article
How a Race Condition Vulnerability Could Cast Multiple Votes
Race condition vulnerabilities make up less than 0.3% of reports on the HackerOne platform. However, researchers have recently been particularly interested in experimenting with race condition...
Read Article
A guide to get the most out of your One-on-Ones
We’ve all been stuck in ineffective 1:1s. There was no clear agenda and the only thing you spoke about was the last episode of Succession, the other person arrived late, or it was canceled last...
Read Article
HackerOne Celebrates Global Work from Home Day
Flexibility Redefined: One of the advantages of digital first work is the flexibility it offers employees. Our recent employee engagement survey tells us that flexibility is important to working at...
Read Article
Decoding the Characteristics of Modern Pentesting: Value
Effectiveness: Effectiveness measures the method's ability to provide reliable and accurate vulnerability detections, comprehensive system coverage, compliance with standards, and a diverse...
Read Article
HackerOne Company Values Matter: Lead with Integrity
Each year, HackerOne employees nominate peers to receive the covetable Values Awards. Five Hackeronies are recognized for their unique contribution to our company's success, and their dedication...
Read Article
HackerOne’s Digital First Workplace
This is an overview of the conversation and some of the best practices shared when creating a remote workplace. Listen to the full episode and learn how to align your executive team around your...
Read Article
The Importance of Credential Rotations: Best Practices for Security and Data Protection
The Significance of Credential Rotations: In today's digital landscape, the significance of regular credential rotations cannot be overstated. Unfortunately, not all organizations recognize the...
Read Article
Ten Practical Tips For High-Value Pentest Engagements
We spoke with Spencer Chin, Director of North America Sales Engineering at HackerOne, and Jasmin Landry, Senior Director at Nasdaq and HackerOne penetration tester. Together, they have helped...
Read Article
Pre-Pentest Checklist Part 1: Essential Questions to Answer Before Your Next Pentest
Diving into pentest readiness, this comprehensive preparation guide is adaptable to different types of pentest, regardless of the target's size or complexity. In Part 1 of our Pre-Pentest Checklist...
Read Article
An Emerging Playbook for AI Red Teaming With HackerOne
To ensure that AI is more secure and trustworthy, the EO calls on companies who develop AI and other companies in critical infrastructure that use AI to rely on “red-teaming”: testing to find...
Read Article
XZ Utils CVE-2024-3094: A Tale of Broken Trust, Curious Persistence, and a Call to Action
What Is XZ Utils and What Happened? XZ Utils is open source software commonly found in most Linux distros, although CVE-2024-3094 is only present in XZ Utils versions 5.6.0 and 5.6.1, meaning...
Read Article
HackerOne Company Values Matter: Respect All People
At HackerOne, our company values - Default to Disclosure, Respect All People, Win as a Team, Lead with Integrity, and Execute with Excellence - reflect our beliefs, priorities, and...
Read Article