[Release] New scan profile overview allows you to see progress over time
Our brand new scan profile overview is finally here! For a long time, we have preached continuous security, encouraging our users to schedule recurring tests…
Category: Mix
The Best is Yet To Come: DOD Awards New Hack the Pentagon Contract to HackerOne
Today we celebrate cyber defense. The U.S. Department of Defense’s Defense Digital Service (DDS) announced expansion of the Hack the Pentagon crowdsourced security program and…
IT Security FAQ 9: What is the difference between a firewall, antivirus and services like Detectify?
Cyber security overall has a pretty wide spectrum, and solves vulnerability issues in different ways. Antivirus is the traditional method, where a program looks through…
Financial Services: Tips for Bug Bounty Success
In our recent webinar, “Bug Bounty Programs: Lessons Learned From Implementation In The Financial Service Industry”, we heard some great tips from an appsec leader…
IT Security FAQ 10: What is malware, phishing, spyware, data mining and DDoS?
Malware is an umbrella term for viruses, trojans, spyware, adware etc. It is an abbreviation of “malicious software”. Spyware, as the name implies, is software that spies…
What To Do When You’re Stuck Hacking
Hacking can be tedious work. Sometimes you’ve been looking for hours, perhaps days, and you’re unable to find a security vulnerability. It can be demotivating at…
OWASP TOP 10: Security Misconfiguration
Security misconfiguration is the fifth vulnerability on OWASP‘s list of the ten most common vulnerabilities. A proof of concept video follows this article. OWASP is…
Discovering programs is easier than ever with the new and improved Program Directory
Today, we’re excited to announce an overhaul of the HackerOne Program Directory! Since its launch, Hackers have been using the Program Directory to find new…
Misconfigured email servers open the door to spoofed emails from top domains
TL;DR, Missing SPF records are a common and long-standing security issue that puts sensitive information at risk. To get a better idea of just how…
Security@ 2018: Sumo Logic’s CSO On Transparency and Using Hacker-Powered Pen Tests for Better Security and Complete Compliance
George Gerchow isn’t afraid to tell it like it is. As the CSO of Sumo Logic, he’s responsible for securing their cloud-native, machine data analytics…
IT Security FAQ: what should you do to protect yourself online? What is the number one everyday mistake people make?
There is a lot think about when it comes to security, but what is the one most important piece of advice a security expert can give?…
Security@ 2018: Oath, DoD Highlight Value in Bringing Bug Bounties to Life
Most hacker-powered security happens remotely, with digital messaging being the typical communication channel. There’s no brainstorming together with a whiteboard, no chats over coffee, no…