How an MFA Bypass Led to Account Takeover [Plus 11 Authentication Tips]
Many Facets, One Goal A common trope in cybersecurity is “don’t roll your own auth.” There’s a reason for this: implementing authentication is deceptively difficult. Many…
Category: Mix
There is no room for racism or inequality here.
The merciless killing by police of George Floyd laid bare, once again, the institutionalized racism that plagues the USA. It is worse than racism. What…
How HackerOne Employees Stay Connected and Have Fun
This year, we launched new initiatives designed to bring people together in fun and innovative ways, including playing online games, monthly global fitness challenges, and…
Frontview Mirror: 2025 Edition
.bh__table, .bh__table_header, .bh__table_cell { border: 1px solid #C0C0C0; } .bh__table_cell { padding: 5px; background-color: #FFFFFF; } .bh__table_cell p { color: #2D2D2D; font-family: ‘Helvetica’,Arial,sans-serif !important; overflow-wrap:…
Hacking for Good | HackerOne
We start the new year of 2020 with great prospects. First of all, 2019 turned out to be a massive success for hacker-powered security. HackerOne…
How REI Strengthens Security with HackerOne’s Global Security Researcher Community
Q: Please introduce yourself. Tell us what you do at REI and why cybersecurity is important to REI. A: I’m Isaiah Grigsby, a senior application…
Best Practices for API Discovery and Management
APIs are the backbone of interconnected applications, enabling organizations to innovate, integrate, and scale rapidly. However, as enterprises continue to expand their digital ecosystems, they…
How our new engine framework helped address the critical CUPS vulnerability within the day
When a critical vulnerability in the printing system CUPS started raising alarms among security teams, Detectify had already entered war-room mode to address the situation.…
AI in SecOps: How AI is Impacting Red and Blue Team Operations
Integrating AI into SOCs The integration of AI into security operations centers (SOCs) and its impact on the workforce are pivotal aspects of successful AI…
Flexible Data Retrieval at Scale with HAQL
What is HAQL? Back in 2022, we were faced with a challenge: we wanted to build useful, actionable dashboards for our customers, and we wanted…
How HackerOne Disproved an MFA Bypass With a Spot Check
What Is a Spot Check? A Spot Check is a powerful tool for security teams to do a tightly focused and scoped human-powered assessment with security…
HackerOne’s Fall Day of Service
Employees had the chance to connect over shared goals and values, fostering stronger relationships beyond the workplace. This event generated 13 projects around the U.S.…