The HackerOne Blog
-
How Serialized Cookies Led to RCE on a WordPress Website
In this article, we'll talk about a critical bug report where a hacker found a Remote Code Execution (RCE) on Nextcloud's WordPress website in the source code of its custom theme. It spins a...
-
ISO 27001 and Pentesting: What You Need to Know
Today, most organizations have some level of information security, but often it consists of point solutions deployed independently and operating in silos. ISO 27001 promotes a strategic, holistic...
-
Setting Up an Environment for Web Hacking
A Note on Operating System (OS) / Distros
One of the first things people get caught up on when they start hacking is "which distro should I use?" Most, if not all, hacking tools work on any Linux /...
-
Join HackerOne’s Ambassador World Cup
Customers who take part in the Ambassador World Cup get dedicated focus from highly motivated and expert teams of hackers. Last year, hackers reported 800+ valid vulnerabilities across 12...
-
Follow-up or Fail
The Pitfalls of Saying “Yes”
Have you ever released a Minimum Viable Product (MVP) only to abandon it straight afterwards? Did it break anything? Perhaps it was a feature born from a HackWeek that...
-
HackerOne Invests in Leaders with New Development Program
The 14-week program focuses on developing the skills necessary to lead with self-awareness, communicate with empathy, inspire transformational work among teams, and successfully lead in a...
-
HackerOne’s Spring Day of Service
We wasted no time reaching out to HackerOne employees for the inaugural Day of Service. In just a short span of time, we received 40 sign-ups for various projects around the world. Seeing our team...
-
CREST and Pentesting: What You Need to Know
The Importance of CREST in Pentesting When you engage any professional to perform a service within your digital estate, assurance is required that their activities will not result in any form of...
-
HackerOne and Zoom Select EverythingALS as the Latest Charity For #Hackforgood
“Supporting a cure for ALS is important to Zoom both from a social responsibility standpoint and in terms of its impact on employee engagement, brand reputation, talent acquisition, and personal...
-
HackerOne’s Next Stage of Growth
When I joined 9 years ago, I told the founders we would need 10 years to reach a certain revenue goal. I said we would build a company that defines and leads its category. I signed up for and...
-
How a Prompt Injection Vulnerability Led to Data Exfiltration
The OWASP Top 10 for LLM Applications identifies prompt injection as the number one risk of LLMs, defining it as “a vulnerability during which an attacker manipulates the operation of a trusted...
-
Lessons Learned from Over a Decade of On-Call
Every organization has its strategy of alerting and on-call. The experience of being on-call in different teams for different stacks is never the same, but the lessons one learns can be applied...
-
Kubernetes — A Journey Has Just Begun
Deciding that the first stop in the Journey should be a CI cluster, the team started drafting plans. Plans on how they would get there, what kind of underlying infrastructure they would need, how...
-
On Writing Well as a Software Engineer
Though writing is a more creative process than writing code, it does not make it easier. It requires practice, repetition, feedback, and mastering the fundamentals to develop your writing. Let’s...
-
Accelerate Find-to-Fix Cycles With Hai
You can now streamline and enhance your vulnerability management process with HackerOne’s in-platform GenAI copilot, Hai. Hai delivers a deeper and more immediate understanding of the reports that...
-
Hack My Career: Meet Frances H
Did you always think you would work in the technology industry? After finishing my undergraduate degree at UC Berkeley, I began working at the San Francisco SPCA, thinking one day I would become a...
-
SOC 2 and Pentesting: What You Need to Know
SOC 2 compliance is based on evaluating a set of Trust Services Criteria (TSC). These criteria are grouped into five categories and are evaluated against the organization’s objectives: Security:...
-
Human-Powered Security: The Value of Ethical Hackers & Bug Bounty
What Is an Ethical Hacker? An ethical hacker is a cybersecurity professional who uses their skills and knowledge in hacking to identify vulnerabilities and weaknesses in computer systems, networks,...
-
Capital One Teams Up With Top-Tier Ethical Hackers at H1-305
“Capital One puts the security of our customers and our systems at the forefront of everything we do. Live Hacking Events are a key component of our robust security testing strategy and are a...
-
Code Reviews, Small Moments, Big Impacts
Multiplying
At HackerOne, we use the Spotify Engineering Framework, meaning we work in Squads. Each Squad is a mini-team focused on specific tasks, like a small startup within the company. The...