Introducing the Wells Fargo Public Bug Bounty Program
Since then, we’ve grown the program, collaborated with HackerOne, and built partnerships within the bug bounty community. The valuable insights we’ve gained from security researchers…
Category: Mix
How Crypto and Blockchain Organizations Manage Complex Attack Surfaces With Competitive Security Testing Programs
There are three factors that differentiate crypto and blockchain organizations from other industries; their attack surfaces, their most common vulnerabilities, and the amount they spend…
How a Privilege Escalation Led to Unrestricted Admin Account Creation in Shopify
In a privilege escalation attack, an attacker gains elevated rights, permissions, or entitlements beyond the intended level associated with their identity, account, or device. Systems…
New York Releases AI Cybersecurity Guidance: What You Need to Know
AI adoption is accelerating in the financial services industry, both as an asset for improving business operations and as a potential tool to defend against…
The OWASP Top 10 for LLMs 2025: How GenAI Risks Are Evolving
Here is HackerOne’s perspective on the Top 10 list for LLM vulnerabilities, how the list has changed, and what solutions can help secure against these…
ROI Isn’t Cutting It: 6 Questions to Help CISOs Better Quantify Security Investments
However, in cybersecurity, quantifying net profit becomes significantly more complex due to the intangible nature of its benefits and the absence of direct revenue generation.…
Introducing Lightspark’s Public Bug Bounty Program
Expanding Our Bug Bounty Program At Lightspark, we’ve always been focused on security that meets and exceeds industry standards. We’ve been partnering with HackerOne, the global…
Resurrecting Shift-Left With Human-in-the-loop AI
What’s Needed for Secure by Design Success We spent years understanding the culprits of why “shift-left” controls fail to identify the principles needed for them…
Hope in the Fight Against Cyber Threats: A New Year’s Message to CISOs
Facing the Reality: Cybersecurity’s Mounting Pressures The cybersecurity landscape is evolving at an unprecedented pace. This past year, breaches resulting from exploited vulnerabilities grew 180%, and…
A Practical Guide to Investigating IoT Devices with the SecurityTrails API
The last decade is arguably one of exceptional growth and transformation, with technologies like the Internet of Things (IoT) leading us to add sensory awareness…
Hope in the Fight Against Cyber Threats: A New Year’s Message to CISOs
Facing the Reality: Cybersecurity’s Mounting Pressures The cybersecurity landscape is evolving at an unprecedented pace. This past year, breaches resulting from exploited vulnerabilities grew 180%, and…
Sending Billions of Daily Requests Without Breaking Things with our Rate Limiter
At Detectify, we help customers secure their attack surface. To effectively and comprehensively test their assets, we must send a very high volume of requests…