Integrate HackerOne directly into your website with Embedded Submissions
Receiving vulnerabilities has never been easier with the release of our newest integration: Embedded Submissions. What started with Email forwarding in 2017, is now being…
Category: Mix
OWASP TOP 10: Sensitive Data Exposure
Update: The new OWASP Top 10 for 2021 proposed has grouped Sensitive Data Exposure with failures related to cryptography into a category called Cryptographic Failures.…
Shopify Awards $116,000 to Hackers in Canada: h1-514 Recap
Forty top hackers met in Montréal in mid-October to hack Canada-based Shopify. The commerce platform helps more than a half-million merchants spread across 90% of…
Security-focused Work Routine in 7 Steps
Security is not only a competitive edge, it’s a must. Companies will soon be compelled to implement a holistic security approach to keep up with…
[tl;dr sec] #182 – Cloud Native Security Talks, AI Attack Surface Map, Attacking and securing cloud identities in managed Kubernetes
Hey there, I hope you’ve been doing well! 📢 ICYMI AppOmni recently released a free tool that can evaluate your Salesforce instances for misconfigurations and…
Hacker101 CTF++: Find flags, get private bug bounty program invitations
Hacker101 CTF++ Three months ago, we introduced the Hacker101 CTF: A fresh new way to apply your hacking skills to real-world challenges, no matter your…
OWASP TOP 10: Missing Function Level Access Control
Missing Function Level Access Control is one of the vulnerabilities on OWASP’s Top 10 list and occurs when authentication checks in request handlers are insufficient. A…
Introducing Hacker Dashboard: Your personalized HackerOne overview
Earlier this month, we introduced the all-new Program Directory with a fresh set of metrics and better filtering. Now, we’re taking it a step further…
OWASP TOP 10 2013: Cross-site Request Forgery – CSRF
Cross-site Request Forgery (CSRF) is one of the vulnerabilities on OWASP’s Top 10 list. Its an attack used to make requests on behalf on the user.…
Test your hacking skills on real-world simulated bugs
Hacktivity is a treasure trove of vulnerability data and tactics. You’ve got newly published reports from across the web, staple programs that believe in the…
General Data Protection Regulation: What It Means For Your Business
Coming into effect in May 2018, the General Data Protection Regulation will give EU data protection legislation a much-needed update and simplify data protection routines…
Easy and secure Credential Management
Earlier this year we introduced Hacker Email Aliases which enables you to secure set up accounts for hackers inside your program, but to make it…