HackerOne Blog
Read the HackerOne blog to learn strategies for strengthening your attack resistance with help from highly skilled ethical hackers. Improve your security profile and stay up to date on industry trends and emerging threats.
Get the latest news and insights beamed directly to you.
XZ Utils CVE-2024-3094: A Tale of Broken Trust, Curious Persistence, and a Call to Action
An Emerging Playbook for AI Red Teaming With HackerOne
What Is the Difference Between Pentesting and Bug Bounty?
HackerOne and the OWASP Top 10 for LLM: A Powerful Alliance for Secure AI
Interpret the 2023 GigaOm PTaaS Radar Report with HackerOne
Discover more with topics that matter to you most.
Generative AI
Generative Artificial Intelligence (GenAI) is ushering in a new era of how humans leverage technology. At HackerOne, we are combining human intelligence with artificial intelligence at scale to improve the efficiency of people and unlock entirely new capabilities.
Application Security
Learn how to prevent vulnerabilities in your applications. We cover current practices in application security, cloud security, API testing, and more.
Ethical Hacker
Ethical hackers, pentesters, and security researchers. We explain everything you need to know about them and how they can help your organization.
Company News
Stay informed of HackerOne partnerships, integrations, hackathon results, and other developments that keep HackerOne customers two steps ahead of cybercriminals.
Blogs From HackerOne's CEO
Read insights from HackerOne Chief Executive Officer Marten Mickos.
Penetration Testing
Follow the latest practices in penetration testing, including API testing, application testing, external networks, internet-facing infrastructure, and more.
Public Policy
HackerOne advocates for policies and standards around the world that support our customers, advance protections for the hacker community, and promote adoption of cybersecurity best practices.
Vulnerability Management
We cover everything in vulnerability management including discovery, prioritization, assessment, disclosure, and remediation.
How VDP Aligns With Zero Trust
Fortifying Assets for SEC Compliance with HackerOne
Vulnerability Prioritization: Severity Does Not Mean Priority
2024 Budget Planning: Preparing For U.S. Mandates to Implement Vulnerability Disclosure Policies (VDPs)
What Is the Difference Between Pentesting and Bug Bounty?
The 7th Annual Hacker-Powered Security Report