What is your program’s Scope?
We are glad to announce our new functionality for defining Scope! HackerOne’s Vulnerability Taxonomy now includes Severity, Weakness type, and Asset. What is Scope? Your…
Category: Mix
Q&A With @MalwareTechBlog | HackerOne
When he’s not reverse engineering malware, Marcus Hutchins (aka @MalwareTechBlog) can be found surfing, partying, or traveling. That’s to be expected for any typical 22-year-old,…
Hey Hackers: We’ve got your free Burp Suite Professional license right here
Listen up new and aspiring hackers, we’ve teamed up with our friends at PortSwigger to offer free 90-day licenses for Burp Suite Professional. Burp…
Key Findings From The Hacker-Powered Security Report: Responsive Programs Attract Top Hackers (3 of 6)
When hackers provide value, from simply disclosing a vulnerability to doing the deep research required to find a critical bug, they appreciate thoughtful engagement with…
Faster and Better: New Bank Transfer Payment Feature for Hackers
Hackers, we have some great news to share! We’re happy to announce that we’re adding Bank Transfers as a payout option to complement Paypal and…
How to: Recon and Content Discovery
Intro Recon plays a major role while hacking on a program. Recon doesn’t always mean to find subdomains belonging to a company, it also could…
Security Risk Assessment Report – Key Facts
Our Hacker-Powered Security Report is so chock-full of compelling insights, interesting tidbits, and surprising stats that we decided to distill them down to just the…
Key Findings From The Hacker-Powered Security Report: Bounty Payments Are Increasing (4 of 6)
As mentioned in our last post of this series, when hackers provide value, they appreciate thoughtful engagement with the organization they’re helping. You know what…
5 Hacker-Powered Trends You Need to Know About
The Hacker-Powered Security Report examines the largest dataset of more than 800 hacker-powered security programs, compiles learnings from application security practitioners and the hackers who…
Key Findings From The Hacker-Powered Security Report: Vulnerability Disclosure Policies (5 of 6)
When someone finds a potential issue with your website, hardware, or software, you want to be notified. Having a vulnerability known to others, but unknown…
Aim High…Find, Fix, Win! | HackerOne
It took just under a minute for hackers to report the first security vulnerability to the U.S. Air Force. Twenty-five days later when the Hack…
Vulnerability Disclosure Policy Basics: 5 Critical Components
Vulnerability disclosure and hacker-powered security cannot be ignored. In July 2017, the Dept of Justice issued a framework for organizations looking to implement vulnerability disclosure…