HackerOne Blog

Read the HackerOne blog to learn strategies for strengthening your attack resistance with help from highly skilled ethical hackers. Improve your security profile and stay up to date on industry trends and emerging threats.

Application Security, Penetration Testing, Vulnerability Management

Introducing Unified HackerOne Scope Management with Burp Suite Support

This post will start with the basics of defining scope and how ethical hackers and testers use it in their testing workflow. If you’re already...

HackerOne Community
June 9th, 2022

H1 Community Team: Your Hacker Allies

Jessica Sexton, Director of Community (Twitter/LinkedIn) "I am excited to build a team and strategic programs...

Common Security Issues
June 10th, 2022

The Top 5 Most Common Security Issues I Discover When Reviewing Code

NOTE: The following code examples have been contrived to provide detailed, illustrative representations of...

Catching Injection Vulnerabilities
Vulnerability Management

How to Catch Injection Security Vulnerabilities in Code Review

Injection vulnerabilities result from insecure handling of user inputs. They are relatively simple to fix once...

What is Confluence CVE-2022-26134 and How Do I Fix It
Application Security

Severe Confluence Vulnerability is an Active Threat (CVE-2022-26134)

Background The vulnerability allows unauthenticated remote code execution (RCE). Exploitation occurs by...

Protect Critical Infrastructure from Threats
Vulnerability Management

How Critical Infrastructure Can be Protected from Threats

Accessing a major critical infrastructure network is very appealing to cybercriminals, as they can maximize...

Beiersdorf CISO blog
Customer Stories, Best Practices, Vulnerability Disclosure, Response

Ethical Hackers Help Beiersdorf Minimize Risk and Protect Their Attack Surface

After a year of running a private Vulnerability Disclosure Program (VDP), Beiersdorf is announcing the launch...

Why you should create a security.txt file if you have a VDP or bug bounty program
Security Compliance, Vulnerability Management

What Is a Security.txt File and How Can It Help Your Program?

Security.txt is a security mechanism that allows your organization to provide its vulnerability disclosure...

Application Security

5 Ways I Provide Value as a PullRequest Reviewer When I Start Reviewing a New Project

Important reviewer traits for providing a great code review include prior knowledge and experience, expertise...