Retail & Hospitality
Everything Retail & Hospitality organizations need to know about crowdsourced security testing.
-
27:34
CTO insights on closing cloud security gaps
-
DevSecOps vs DevOps: What is the Difference?
In this article, we’ll explain what DevSecOps is, how it differs from DevOps, and what security controls it should ideally incorporate. What is the Difference Between DevOps and DevSecOps? The...
-
HackerOne’s In-Depth Approach to Vulnerability Triage and Validation
Like triaging in a hospital emergency room, security issues must be diagnosed and handled by an expert as soon as they arrive. But it doesn’t stop there. Just as an ER needs good doctors, a triage...
-
How Bug Bounty Uncovered A 5-Year-Old Vulnerability In Hours
When PullRequest was acquired, these concerns became HackerOne’s challenges. When we finalized the acquisition, we immediately added PullRequest’s assets to the scope of HackerOne’s own bug bounty...
-
Live Hacking Event Invitations - 2022 Guide
Hello Hackers, Live Hacking Events are an experience like no other: hackers collaborate and connect with security teams, each other and HackerOne. 2022 is our fifth consecutive year of live...
-
CISOs: Do You Know the Security Risks of Your Organization's Next M&A?
First, I will discuss the inherent risks associated with M&As as attack surfaces grow. A Growing and Unprotected Attack Surface An ever-expanding attack surface is a global concern for most...
-
H1 Community Team: Your Hacker Allies
Jessica Sexton, Director of Community (Twitter/LinkedIn) "I am excited to build a team and strategic programs that focus on human connection, growth, and personalized experiences on our...
-
Community at HackerOne: What's to Come
From Jessica Sexton - Director of Community, Three years ago, I found my home at HackerOne. My primary focus was to revamp our Live Hacking Events program. Live Hacking Events are an amazing...
-
The Top 5 Most Common Security Issues I Discover When Reviewing Code
NOTE: The following code examples have been contrived to provide detailed, illustrative representations of real security issues I’ve found while reviewing code. They have not been pulled from...
-
How to Catch Injection Security Vulnerabilities in Code Review
Understanding Injection Vulnerabilities Injection vulnerabilities exist when information provided by users of the application is not properly validated or sanitized before it is used. In the case...
-
Severe Confluence Vulnerability is an Active Threat (CVE-2022-26134)
Background The vulnerability allows unauthenticated remote code execution (RCE). Exploitation occurs by sending an HTTP request with an attack payload to a vulnerable instance of Confluence,...
-
How Critical Infrastructure Can be Protected from Threats
Accessing a major critical infrastructure network is very appealing to cybercriminals, as they can maximize societal impact and demand large ransom sums to fix tampered systems. With recent...
-
HackerOne Launches OpenASM to Extend the Value of Customers' Attack Surface Management Tools
alice@hackerone.com Wed, 06/01/2022 - 11:59
-
HackerOne Increases Customers’ Cyber Resilience by Launching Attack Resistance Management
May 10, 2022
-
12-Month DIB-VDP Pilot Concludes
HackerOne Mon, 05/02/2022 - 09:04
-
HackerOne Acquires PullRequest to Power Developer-First Security Testing Solutions
April 28, 2022
-
Nearly Half of Organizations Lack Confidence to Close Security Gaps According to New Report by HackerOne
ejames@hackerone.com Mon, 04/18/2022 - 20:52
-
HackerOne releases FAQ regarding sanctions
HackerOne Wed, 03/16/2022 - 11:46
-
Organizations Call For Security Transparency To Be Industry Best Practice
alice@hackerone.com Thu, 03/10/2022 - 02:46
-
HackerOne Caps Growth Year With $49 Million Investment
alice@hackerone.com Thu, 01/27/2022 - 04:45