HackerOne
The HackerOne Blog
-
Hack My Career: Meet Bertijn Eldering
Bertijn’s story is a great example of how passion, curiosity, and determination can open doors. From navigating the challenges of an internship to landing a full-time position, let’s dive into...
-
Takeaways from the Dismissal of the Government’s Case Against the SolarWinds CISO
The case against SolarWinds was filed by the Securities and Exchange Commission (SEC), a government agency that has interpreted its authority broadly to regulate publicly traded companies. The...
-
5 Questions to Assess Your Organization’s Bug Bounty Readiness
1. Are You Prepared to Manage Incoming Vulnerability Reports? Naturally, the purpose of running a bug bounty program is to identify vulnerabilities beyond what your security team can find — and...
-
Hack My Career: Meet Alek Relyea
Alek is a perfect example of persistence and adaptability, even without a traditional tech background, which can lead to success in the tech industry. In this blog, Alek shares his story and...
-
How Hai’s Report Summarization Turns Complex Data Into Actionable Insights
Enter HackerOne's AI Co-Pilot, Hai, a revolutionary tool designed to streamline this process and enhance understanding across the board. Hai is transforming how security teams handle and interpret...
-
Anthropic Expands Their Model Safety Bug Bounty Program
Expanding Our Model Safety Bug Bounty Program: The rapid progression of AI model capabilities demands an equally swift advancement in safety protocols. As we work on developing the next generation...
-
Tips for Parents Working from Home from HackerOne Employees
At HackerOne, we've witnessed our parents craft impressive solutions to blend their professional and personal worlds. We wanted to hear from our HackerOne parents and how they stay productive...
-
Security Page Updates: Boosting Consistency & Transparency for Security Researchers and Customers
Cross-Directional Consistency & Transparency on the HackerOne Platform: HackerOne is a marketplace through which organizations can address security vulnerabilities with security researchers, and...
-
Introducing HackerOne Gateway Internal Network Testing: Superior Security for Internal Networks
Our Solution: Precision Internal Network Testing with Zero Trust Control. We are excited to introduce Gateway Internal Network Testing (INT) as the latest enhancement to HackerOne Gateway, powered...
-
How a GraphQL Bug Resulted in Authentication Bypass
What Is an Authentication Bypass Vulnerability? An authentication bypass vulnerability is a weakness in a system that fails to protect against unauthenticated access, allowing an attacker to bypass...
-
Lessons from HackerOne’s First Recharge Week
Our first-ever Recharge Week (July 1–5, 2024) aimed at giving most company employees a simultaneous week off to rest, pursue hobbies, and spend time with loved ones, free from the demands of work...
-
Are You Ready for the New NIST Control Around Public Disclosure Programs?
Let’s first define what we’re talking about when we refer to these NIST controls. NIST 800-53 is a popular framework for security programs globally and also acts as the baseline control set for...
-
HIPAA and Pentesting: What You Need to Know
HIPAA regulatory standards outline the lawful use, disclosure, and safeguarding of protected health information (PHI). Any organization that collects or handles PHI must comply with HIPAA rules....
-
Hack My Career: Meet Naz Bozdemir
We talked to Naz Bozdemir, Product Marketing Lead, about her unique path and asked her to share insights into her career. From International Relations to Cybersecurity: Naz’s adventure started with a...
-
Streamline Report Management with Custom Inboxes: Reducing Delays and Security Risks
Introducing Custom Inboxes: Custom Inboxes provide our enterprise customers with unparalleled flexibility in report management. Now, organizational administrators can create, remove, and edit up to...
-
How HackerOne Organizes a Remote Hack Week
This year's Hack Week was dedicated to artificial intelligence (AI), and teams worked together to problem-solve and explore new projects, keeping this theme in mind. A dedicated hack week or hack...
-
10 Years of the GitHub Security Bug Bounty Program
Each year, we celebrate the GitHub Security Bug Bounty program, highlighting impressive bugs and researchers, rewards, live hacking events, and more. This year, we celebrate a new milestone: 10...
-
Feedback-Driven Interviewing at HackerOne
The Talent Acquisition team currently has a net promoter score (NPS) of 56%, while the industry standard is 50%. However, we can improve and refine our hiring practices to attract and retain the...
-
What HackerOne Customers Say About the Problems Hackers Solve
The Problems Customers Use Ethical Hackers To Solve: Organizations work with ethical hackers to address a range of issues, including knowing unknowns, preventing breaches, meeting regulatory...
-
Pentesting for Web Applications
Pentest reports are a requirement for many security compliance certifications (such as ISO 27001 and SOC 2), and having regular pentest reports on hand can also signal to high-value customers that...