
HackerOne Blog

Read the HackerOne blog to learn strategies for strengthening your attack resistance with help from highly skilled ethical hackers. Improve your security profile and stay up to date on industry trends and emerging threats.

August 5th, 2022

H1-702 Las Vegas Day 3: Switching Up Scopes


It is a new day with new challenges. Scope has shifted for the next part of our LHE. Today, you can feel the focus. These hackers have been heads...

Application Security

Severe Confluence Vulnerability is an Active Threat (CVE-2022-26134)

Background The vulnerability allows unauthenticated remote code execution (RCE). Exploitation occurs by...
Vulnerability Management

How Critical Infrastructure Can be Protected from Threats

Accessing a major critical infrastructure network is very appealing to cybercriminals, as they can maximize...

Customer Stories, Best Practices, Vulnerability Disclosure, Response

Ethical Hackers Help Beiersdorf Minimize Risk and Protect Their Attack Surface

After a year of running a private Vulnerability Disclosure Program (VDP), Beiersdorf is announcing the launch...

Security Compliance, Vulnerability Management

What Is a Security.txt File and How Can It Help Your Program?

Security.txt is a security mechanism that allows your organization to provide its vulnerability disclosure...
Application Security

5 Ways I Provide Value as a PullRequest Reviewer When I Start Reviewing a New Project

Important reviewer traits for providing a great code review include prior knowledge and experience, expertise...

Assessments, Penetration Testing

HackerOne Announces a New Customer Pentest Setup that's More Efficient and Speeds Time to Launch

This improved experience reduces time to launch, which is vital when your organization is up against an urgent...
Vulnerability Management

Understanding Public and Private Bug Bounties and Vulnerability Disclosure Programs

How Are Bug Bounty Programs and Vulnerability Disclosure Programs Different? Let’s start with the similarities...
Company News

What is Attack Resistance Management?

A Security Survey on How to Close Your Organization's Attack Resistance Gap