HackerOne and JIRA integration update: more improvements, fewer clicks
Last month, we announced a major improvement to how HackerOne integrates with JIRA. We’re following that up with more good news around making simple cross-platform…
Category: Mix
Ethical considerations of access to the HackerOne community
Since its founding, HackerOne has been on a mission to empower the world to build a safer internet. HackerOne helps over 800 diverse organizations collaborate…
Bug Bounty Programs — Why Should I Care?
Why should I care about bug bounty programs? Every digital company has software vulnerabilities, and they get expensive in case of a breach. The cost…
HackerOne’s Approach to Triage | HackerOne
By Jobert Abma This is part 1 in a series of blog posts on HackerOne’s Triage Services. Triage is critical to any vulnerability disclosure process…
Visual Guide to Bug Bounty Programs
The Bug Bounty Field Manual is the definitive guide on how to plan, launch, and operate a successful bug bounty program. But 10,283 words is…
Register Now to Hack the US Air Force
Hackers, do you have what it takes to hack the U.S. Air Force? Register now to participate in the Department of Defense’s largest bug bounty…
Put Your Security to the Test: Introducing HackerOne Challenge
Today we launch a new product, designed for every security team that runs periodic testing of web applications. HackerOne Challenge is modeled after the time-bound…
GitLab’s Brian Neel on Secure Software Development and Bug Bounties
Did you miss our webinar with GitLab, Innovating Faster Without Sacrificing Security or Quality? It is jam packed with insights into how they partner with…
The $30,000 Gem: Part 1
Opening your database to the world is a scary thought! But that’s exactly what we wanted to do by implementing a GraphQL endpoint. Feeling stuck…
It’s Phab-tastic! HackerOne integrates with Phabricator
Like many companies in Silicon Valley, we at HackerOne believe in using what we build. (This is sometimes referred to as eating your own dog…
Server-Side Request Forgery – SSRF Security Testing
Server-Side Request Forgery, SSRF for short, is a vulnerability class that describes the behavior of a server making a request that’s under the attacker’s control.…
GitHub Embraces Hacker-Powered Security To Protect 55 Million Projects
We recently published The GitHub Bug Bounty Story and couldn’t be more excited to share it with you! TL;DR: Their lead security engineer summarizes the…