(Best) Practice Makes Perfect | HackerOne
Everyone at HackerOne has the goal of making sure that hackers and enterprises are partnering together with excellence. The role of the Chief Hacking Officer…
Category: Mix
Vuln of the Month: CVE-2020-10148 SolarWinds Orion Authentication Bypass
Every week, our global community of hand-picked Detectify Crowdsource ethical hackers submit new vulnerabilities that we make available to our users as automated security tests.…
Humiliation is Deadly – Daniel Miessler
Exploring a status game model for understanding negative behavior Created/Updated: October 27, 2022 I’ve been thinking for a few years about the danger presented by…
Announcing the HackerOne 2022 Attack Resistance Report: A Security Survey—How to Close Your Organization’s Attack Resistance Gap
Today, HackerOne published The 2022 Attack Resistance Report: A HackerOne Security Survey. Our research revealed an increasing gap—the attack resistance gap—between what organizations can defend…
How Wix Improves Their Security Posture with Ethical Hackers
Reducing risk is fundamental to Wix’s approach to cybersecurity, and as the threat landscape evolves, they turn to HackerOne Bounty to protect their security posture.…
Diversity & Belonging at Detectify: Challenging the traditional way to do security
At Detectify, we made the decision early on to build a diverse team of individuals from different backgrounds, nationalities, and life experiences. There are a…
Announcing the Results of the 12-month DIB-VDP Pilot
When the Defense Industrial Base Vulnerability Disclosure Program (DIB-VDP) 12-month Pilot concluded, HackerOne sat down with the pilot’s collaborating agencies and the ethical hackers who…
UL NO. 354 | THE NEWS & ANALYSIS SERIES
Exploring the intersection of security, technology, and society—and what might be coming next… Standard Web Edition | Ep. 354 | October 24, 2022 SECURITY NEWS…
Why HackerOne Acquired Pull Request and What It Means to Our Customers
Security vulnerabilities are a significant workflow disruption when discovered near the end of development. Vulnerabilities found after release are a bigger problem. Depending on the…
Detectify makes upgrade to the fuzzing engine
There is a common tendency that the typical DAST scanner finds the easiest to locate known security vulnerabilities. If you need to find vulnerabilities that…
Introducing HackerOne Assets | HackerOne
Attack Resistance Management is the management of human security tests on your attack surface designed to increase your resistance to attackers. It is a cross-functional…
Podcast Audio Quality: AI-based Post-processing vs. Hardware
Hardware is supposed to be better for applying effects, but AI-powered software seems to be taking over Created/Updated: October 27, 2022 I’ve been podcasting since…