Skip to main content

Vulnerability Management

We cover everything in vulnerability management including discovery, prioritization, assessment, disclosure, and remediation.

Why you should create a security.txt file if you have a VDP or bug bounty program
Security Compliance, Vulnerability Management

What Is a Security.txt File and How Can It Help Your Program?

Security.txt is a security mechanism that allows your organization to provide its vulnerability disclosure policy and contact information in a...

Why you should create a security.txt file if you have a VDP or bug bounty program
Security Compliance, Vulnerability Management

What Is a Security.txt File and How Can It Help Your Program?

Security.txt is a security mechanism that allows your organization to provide its vulnerability disclosure...
PubvsPri
Vulnerability Management

Understanding Public and Private Bug Bounties and Vulnerability Disclosure Programs

How Are Bug Bounty Programs and Vulnerability Disclosure Programs Different? Let’s start with the similarities...
How Wix Uses HackerOne to Improve Their Cybersecurity Posture
Customer Stories, Application Security, Best Practices, Bounty, Vulnerability Management

How Wix Improves Their Security Posture with Ethical Hackers

Reducing risk is fundamental to Wix’s approach to cybersecurity, and as the threat landscape evolves, they...

HackerOne Attack Resistance Report reveals the increasing attack resistance gap many organizations are facing
Company News, Vulnerability Management

Announcing the HackerOne 2022 Attack Resistance Report: A Security Survey—How to Close Your Organization's Attack Resistance Gap

Today, HackerOne published The 2022 Attack Resistance Report: A HackerOne Security Survey. Our research...

The Global Top 10 is a valuable resource and can help organizations prioritize reported vulnerabilities.
Vulnerability Management

The HackerOne Global Top 10—Hacker Expertise, Industry Data, and Up-to-Date Vulnerabilities

Many security teams use the OWASP Top 10 as a guideline to understand where they should focus their security...
Log4J webinar with Chris Evans and Jobert Abma
Vulnerability Management, Vulnerability Disclosure

Log4Shell: Attack Evolution

HackerOne has unique visibility into the global response to Log4Shell, seeing in real time how organizations...

HAC Common Weakness Enumeration explainted
Vulnerability Management

CWE [Common Weakness Enumeration] | Why It Is Important

Are you wondering about CWE? We explain CWE (Common Weakness Enumeration) and why this community-based...

HAC LOG4j
Vulnerability Management

Log4j Vulnerability Activity on the HackerOne Platform

This post is about the severe and widespread Log4j vulnerability. It gives a technical overview of the...