Category: Security

AlienVault streamlines their vulnerability disclosure with HackerOne Response

AlienVault streamlines their vulnerability disclosure with HackerOne Response

Like many organizations, AlienVault had set up a vulnerability disclosure policy for any bugs found on their website. If someone found a vulnerability, all they had to do was send an email to their security team. AlienVault quickly found that...

/ December 12, 2017
Why Riot Games Pays Hackers to Break Them

Why Riot Games Pays Hackers to Break Them

In the League of Legends world, your nexus is protected from outside threats by a strong team of diverse champions. It’s similar to how you should approach security in the real world, and wouldn’t it be better to have more...

/ December 4, 2017
KPMG’s Cyber Security Expert Offers Advice for Bug Bounty Success

KPMG’s Cyber Security Expert Offers Advice for Bug Bounty Success

Before you propose a bug bounty program to your organization, you need a comprehensive plan. That’s just one of the many takeaways offered on a recent podcast from KPMG’s Advisory Institute, which publishes content related to business performance, technology, risk...

/ December 1, 2017
The ICO’s 12-Step Guide to GDPR Compliance

The ICO’s 12-Step Guide to GDPR Compliance

When the European General Data Protection Regulation (GDPR) takes effect on May 25, 2018, every organization that collects information on European Union (EU) citizens will be forced to change how it manages and secures customer data. Hopefully you’re already taking...

/ November 30, 2017
Breach Basics: Preparation for the Inevitable

Breach Basics: Preparation for the Inevitable

Data breaches in information security have become an inescapable reality. A common inquiry we receive here at HackerOne is for guidance on how to most effectively respond to one of these unfortunate incidents. There are no easy answers. Our hope...

/ November 28, 2017
The Voices of Vulnerability Disclosure: Look Who’s Talking About VDPs

The Voices of Vulnerability Disclosure: Look Who’s Talking About VDPs

The attention being given to vulnerability disclosure policies (VDP) in the past year has increased dramatically. It might be the latest high-profile breach that sparks a comment, but more and more, it’s the attitude that VDPs aren’t just nice-to-haves, they’re...

/ November 22, 2017
H1-212 CTF results

H1-212 CTF results

Hello hackers! Thanks to all of you who participated in our first ever h1-212 CTF!  We had a lot of fun building it and it looks like many of you had a great time participating. As promised, our three winners...

/ November 21, 2017
Hack your way to NYC this December for h1-212

Hack your way to NYC this December for h1-212

Want to win an all expenses paid trip to New York City to hack against HackerOne 1337 and a chance to earn up to $100,000 in bounties? The h1-212 CTF is here! On December 9th, 2017, h1-212 will be happening...

/ November 13, 2017
Hack The Pentagon Turns One on HackerOne

Hack The Pentagon Turns One on HackerOne

Great news for U.S. citizens! Over 3,000 valid security vulnerabilities have been resolved with the U.S. Department of Defense’s “Hack the Pentagon” hacker-powered security program. Just over a year ago, following the success of the pilot, we announced the U.S....

/ November 9, 2017
Hacker-Powered Pen Tests and The Power of More

Hacker-Powered Pen Tests and The Power of More

Traditional penetration testing is an important tool in your appsec strategy toolbox. Compliance requires it. Your CIO understands it. Your team is accustomed to it. But they can be expensive, especially those that produce low-hanging fruit results. And even more...

/ November 8, 2017
HackerOne CEO joins Node.js Foundation Board

HackerOne CEO joins Node.js Foundation Board

Open source models are the backbone of the modern internet. Therefore, it’s our duty to defend them. That’s why HackerOne has joined the Node.js Foundation as a member and CEO Marten Mickos has joined its board. Node.js Foundation sat down...

/ November 6, 2017
XOXO: We Love Coinbase for Loving Bug Bounties

XOXO: We Love Coinbase for Loving Bug Bounties

Besides being the world’s most popular way to buy and sell bitcoin, ethereum, and litecoin, Coinbase is a trailblazer in hacker-powered security. They started their bug bounty program way back in 2012, moved onto the HackerOne Platform in early 2014,...

/ November 2, 2017