AI is Founder Augmentation | Daniel Miessler
The ideal number of human employees in any company is zero. This is a flaw of capitalism, not automation, yet in the next couple years…
Category: Mix
Reality With Filters | Daniel Miessler
I clearly see the merits of both sides, similar to the end-to-end encryption discussion. The last few years have given me some clarity on where…
A Partial Victory for AI Researchers
HackerOne has partnered with security and AI communities to advocate for stronger legal protections for independent researchers. Most recently, HackerOne participated in a workshop hosted by…
Security Update: Ivanti Connect Secure (CVE-2025-0282)
A critical vulnerability (CVE-2025-0282) has been identified in Ivanti Connect Secure, Policy Secure, and ZTA Gateways. This vulnerability could allow unauthenticated remote attackers to achieve…
Inside the tech that continuously monitors our customers’ attack surface
As part of our Detectify under the hood blog series, we recently introduced our new engine framework and how it helped us address a critical…
Triage in bug bounty | Intigriti
As we step into 2025, many of us are setting resolutions to improve, grow, and achieve more. At Intigriti, we’re doing the same—but with a…
ROI Isn’t Cutting It: 6 Questions to Help CISOs Better Quantify Security Investments
However, in cybersecurity, quantifying net profit becomes significantly more complex due to the intangible nature of its benefits and the absence of direct revenue generation.…
Effective API Throttling for Enhanced API Security
APIs are the backbone of modern digital ecosystems, but their misuse can expose systems to cyber threats. Effective API throttling not only optimizes performance but…
The OWASP Top 10 for LLMs 2025: How GenAI Risks Are Evolving
Here is HackerOne’s perspective on the Top 10 list for LLM vulnerabilities, how the list has changed, and what solutions can help secure against these…
AI-Powered Hacking · Joseph Thacker
In most domains, the best AI tools of our day reduce friction and speed up top-tier humans. Agents might take over later, but for now,…
Hunting for blind XSS vulnerabilities: A complete guide
Cross-site scripting (XSS) vulnerabilities are quite common and fun to find. They also carry great impact when chained with other vulnerabilities. But there’s another variant…
The Top 10 Data Breaches of 2024
2024 has been a tumultuous year in cybersecurity with numerous significant data breaches compromising sensitive information and affecting millions globally. While these breaches have caused…