HackerOne Blog

The latest from HackerOne

Brains on Digital Background

Exposure Management

Return on Mitigation

When Discovery Is Cheap, Validation Is Priceless for Reducing Risk

March 26, 2026

AI is making vulnerability discovery cheap. CTEM only reduces risk when teams validate exploitability, remediate, and retest to prove fixes hold.

Read Now

All

AI

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Countdown on Digital Background

Exposure Management

The Vulnerability Apocalypse Is a Remediation Crisis

April 15, 2026

Move from periodic testing to continuous intake, faster validation, and systemic fixes for recurring bug classes. A data-backed case for retooling remediation.

XSS Workflow

Exposure Management

From Report to Remediation: A Real-World XSS Validation Workflow

April 14, 2026

A real-world XSS workflow shows how continuous security validation helps teams prove exploitability and confirm fixes faster with reusable evidence.

Exposure Management

3 Principles for Modern VDPs: How AWS Keeps Vulnerability Disclosure Working at Massive Scale

April 9, 2026

AWS shows how modern vulnerability disclosure scales: design for scale, optimize time to context, and eliminate vulnerability classes with HackerOne.

Cyber Brains in a Digital Landscape

Pentest as a Service

Why Real-World Testing Makes Agentic Pentesting Smarter Over Time

April 9, 2026

Agentic pentesting improves fastest in production. See how real-world testing plus validated feedback boosts accuracy, coverage, and reliability over time.

Researchers in Digital Background

Responsible AI at HackerOne: 2026 Update

April 9, 2026

A 2026 update on HackerOne’s responsible AI: human oversight for sensitive actions, stateless inference, no-training commitments, and open validation.

Digital Highway

Security Research

Evolving with AI: How One Security Researcher Built a Career Around Time

April 7, 2026

Meet Douglas Day and see how bug bounty programs and AI automation helped him build a security research career with more flexibility and freedom.

XSS on a Digital Screen

Security Research

How to Find XSS: Techniques Security Researchers Use in Real Environments

April 1, 2026

Learn how to find XSS vulnerabilities and validate real exploitability using techniques trusted by security teams.

Brains on Digital Background

Exposure Management

Return on Mitigation

When Discovery Is Cheap, Validation Is Priceless for Reducing Risk

March 26, 2026

AI is making vulnerability discovery cheap. CTEM only reduces risk when teams validate exploitability, remediate, and retest to prove fixes hold.

EU AI Regulation

Europe’s New AI Security Standard: What It Means for Vulnerability Disclosure and AI Red Teaming

March 25, 2026

ETSI EN 304 223 makes Vulnerability Disclosure and AI red teaming baseline expectations. Get practical steps to prepare for EU rollout by late 2026.