Skip to main content

Vulnerability Management

We cover everything in vulnerability management including discovery, prioritization, assessment, disclosure, and remediation.

HackerOne Blog Image
Vulnerability Management

HackerOne Assets Deep Dive: Asset Inventory

What is Asset Inventory?

The effectiveness of an ASM initiative is determined by how well the solution records the attack surface and presents the...

HackerOne Blog
Penetration Testing, Vulnerability Management

Benchmark Analysis: Annual Pentest and Code Review Coverage

Security leaders often struggle to keep pace with the evolving nature of their respective attack surfaces...
Bug Bounty Programs
Vulnerability Management

5 Articles to Get You Up-to-Speed on Bug Bounty Programs

Many organizations use bug bounty programs to help them protect their ever-expanding attack surface and...

HackerOne Blog
Application Security, Vulnerability Management

Security Highlights: New CWE Rankings, Software Supply Chains, and Side-Channel Attacks

MITRE Releases 2022 CWE Top 25 The popular CWE Top 25 list, which ranks the most dangerous software...
HackerOne Blog
Vulnerability Management

HackerOne’s In-Depth Approach to Vulnerability Triage and Validation

Like triaging in a hospital emergency room, security issues must be diagnosed and handled by an expert as soon...
How Bug Bounty Uncovered A 5-Year-Old Vulnerability In Hours
Ethical Hacker, Vulnerability Management

How Bug Bounty Uncovered A 5-Year-Old Vulnerability In Hours

When PullRequest was acquired, these concerns became HackerOne’s challenges. When we finalized the acquisition...
CISOs: Do You Know M&A Security Risks?
Vulnerability Management

CISOs: Do You Know the Security Risks of Your Organization's Next M&A?

An ever-expanding attack surface is a global concern for most organizations and complicates an M&A, especially...

Catching Injection Vulnerabilities
Vulnerability Management

How to Catch Injection Security Vulnerabilities in Code Review

Injection vulnerabilities result from insecure handling of user inputs. They are relatively simple to fix once...

Protect Critical Infrastructure from Threats
Vulnerability Management

How Critical Infrastructure Can be Protected from Threats

Accessing a major critical infrastructure network is very appealing to cybercriminals, as they can maximize...