12 incident response metrics your business should be tracking
If there’s a vulnerability in your systems that cybercriminals could exploit, you’ll want to know about it. Collaborating with people outside your organization to alert…
Category: Mix
Automating Dead Link Detection | HAHWUL
Using Deadfinder and GitHub Actions for Seamless Link Management A dead link, or broken link, occurs when a hyperlink points to a web page that…
Advanced API Authentication Strategies for Enhanced Security
Passwordless authentication for end users is taking the world by storm, offering organizations and individuals alike unprecedented security, user experience, and efficiency benefits. By all…
CVE-2024–45186: Unauthenticated SSTI bug in Filesender exposes MySQL & S3 credentials and other configuration variables, potentially leaking all (sometimes encrypted) user uploaded files. Dutch Universities affected. | by Jonathan Bouman | Oct, 2024
FileSender is an open-source web application designed for securely transferring large files. The idea for FileSender was born in 2007 during a task-force meeting of…
Bypassing Whitelists With XSS Payloads in Attributes
There are XSS scenarios where there’s a strong filter in place like WordPress’s KSES. That filter, like many others, uses a Whitelist approach allowing only…
Measure Your AI Risk Preparedness with This Interactive Self-Assessment Tool
Effectively managing these risks requires human expertise and strategic oversight. That’s where the AI Risk Readiness Self-Assessment Tool comes in — helping your organization evaluate the…
European Council Adopts Cyber Resilience Act
The CRA will be a game-changing regulation for software and connected product security. The CRA imposes cybersecurity requirements for manufacturers of software and connected products…
How To Use HackerOne’s Global Vulnerability Policy Map
To help organizations keep up with the shifting landscape of VDP mandates and recommendations, HackerOne has developed the Global Vulnerability Policy Map, an interactive map-based…
Get to know our new Domains page
Earlier this year, we launched a new Domains page to give you more powerful and flexible attack surface insights. When the recent CUPS vulnerability hit…
How to Use Hugging Face Models with Ollama
Ollama is one of my favorite ways to experiment with local AI models. It’s a CLI that also runs an API server for whatever it’s…
The Recruitment Process: What to Expect When You Apply at HackerOne
If you’re considering applying, here’s a look at what you can expect from the process, from the initial application to joining your onboarding cohort. Application…
How an IDOR Vulnerability Led to User Profile Modification
According to the 7th Annual Hacker-Powered Security Report, IDOR makes up 7% of the vulnerabilities reported via the HackerOne platform. Government agencies and automotive organizations saw…