The Impacts of Cross-site Scripting (XSS) [With Real Examples]
According to HackerOne’s 8th Annual Hacker-Powered Security Report, XSS is the number one most common vulnerability for bug bounty and...
Read more →Category: Mix
What Is an Information Disclosure Vulnerability? [Examples]
HackerOne’s 8th Annual Hacker-Powered Security Report states that information disclosure is the third most common vulnerability reported in bug bounty and...
Read more →
What Is It & How to Remediate
HackerOne’s 8th Annual Hacker-Powered Security Report states that improper access control is the second most common vulnerability reported in a bug...
Read more →
Unlocking Engagement with Employee Feedback
Since 2018, HackerOne has maintained an employee engagement survey participation rate of over 80%, with half of the surveys achieving...
Read more →
How HackerOne Disproved an MFA Bypass With a Spot Check
What Is a Spot Check? A Spot Check is a powerful tool for security teams to do a tightly focused and...
Read more →
HackerOne’s Fall Day of Service
Employees had the chance to connect over shared goals and values, fostering stronger relationships beyond the workplace. This event generated...
Read more →
AI in SecOps: How AI is Impacting Red and Blue Team Operations
Integrating AI into SOCs The integration of AI into security operations centers (SOCs) and its impact on the workforce are...
Read more →
Flexible Data Retrieval at Scale with HAQL
What is HAQL? Back in 2022, we were faced with a challenge: we wanted to build useful, actionable dashboards for...
Read more →
How REI Strengthens Security with HackerOne’s Global Security Researcher Community
Q: Please introduce yourself. Tell us what you do at REI and why cybersecurity is important to REI. A: I’m...
Read more →
How HackerOne Employees Stay Connected and Have Fun
This year, we launched new initiatives designed to bring people together in fun and innovative ways, including playing online games,...
Read more →
How an MFA Bypass Led to Account Takeover [Plus 11 Authentication Tips]
Many Facets, One Goal A common trope in cybersecurity is “don’t roll your own auth.” There’s a reason for this: implementing...
Read more →
5 Insights Attendees Gained from the Security@ World Tour
If you weren’t lucky enough to catch us at a roadshow event, you’ll be delighted to know you can catch...
Read more →