Category: Security

AlienVault streamlines their vulnerability disclosure with HackerOne Response
Like many organizations, AlienVault had set up a vulnerability disclosure policy for any bugs found on their website. If someone found a vulnerability, all they had to do was send an email to their security team. AlienVault quickly found that...

Why Riot Games Pays Hackers to Break Them
In the League of Legends world, your nexus is protected from outside threats by a strong team of diverse champions. It’s similar to how you should approach security in the real world, and wouldn’t it be better to have more...

KPMG’s Cyber Security Expert Offers Advice for Bug Bounty Success
Before you propose a bug bounty program to your organization, you need a comprehensive plan. That’s just one of the many takeaways offered on a recent podcast from KPMG’s Advisory Institute, which publishes content related to business performance, technology, risk...

The ICO’s 12-Step Guide to GDPR Compliance
When the European General Data Protection Regulation (GDPR) takes effect on May 25, 2018, every organization that collects information on European Union (EU) citizens will be forced to change how it manages and secures customer data. Hopefully you’re already taking...

Breach Basics: Preparation for the Inevitable
Data breaches in information security have become an inescapable reality. A common inquiry we receive here at HackerOne is for guidance on how to most effectively respond to one of these unfortunate incidents. There are no easy answers. Our hope...

The Voices of Vulnerability Disclosure: Look Who’s Talking About VDPs
The attention being given to vulnerability disclosure policies (VDP) in the past year has increased dramatically. It might be the latest high-profile breach that sparks a comment, but more and more, it’s the attitude that VDPs aren’t just nice-to-haves, they’re...

H1-212 CTF results
Hello hackers! Thanks to all of you who participated in our first ever h1-212 CTF! We had a lot of fun building it and it looks like many of you had a great time participating. As promised, our three winners...

Hack your way to NYC this December for h1-212
Want to win an all expenses paid trip to New York City to hack against HackerOne 1337 and a chance to earn up to $100,000 in bounties? The h1-212 CTF is here! On December 9th, 2017, h1-212 will be happening...

Hack The Pentagon Turns One on HackerOne
Great news for U.S. citizens! Over 3,000 valid security vulnerabilities have been resolved with the U.S. Department of Defense’s “Hack the Pentagon” hacker-powered security program. Just over a year ago, following the success of the pilot, we announced the U.S....

Hacker-Powered Pen Tests and The Power of More
Traditional penetration testing is an important tool in your appsec strategy toolbox. Compliance requires it. Your CIO understands it. Your team is accustomed to it. But they can be expensive, especially those that produce low-hanging fruit results. And even more...

HackerOne CEO joins Node.js Foundation Board
Open source models are the backbone of the modern internet. Therefore, it’s our duty to defend them. That’s why HackerOne has joined the Node.js Foundation as a member and CEO Marten Mickos has joined its board. Node.js Foundation sat down...

XOXO: We Love Coinbase for Loving Bug Bounties
Besides being the world’s most popular way to buy and sell bitcoin, ethereum, and litecoin, Coinbase is a trailblazer in hacker-powered security. They started their bug bounty program way back in 2012, moved onto the HackerOne Platform in early 2014,...