HackerOne Blog
Read the HackerOne blog to learn strategies for strengthening your attack resistance with help from highly skilled ethical hackers. Improve your security profile and stay up to date on industry trends and emerging threats.
Get the latest news and insights beamed directly to you.
How HackerOne Disproved an MFA Bypass With a Spot Check
An Emerging Playbook for AI Red Teaming With HackerOne
What Is the Difference Between Pentesting and Bug Bounty?
HackerOne and the OWASP Top 10 for LLM: A Powerful Alliance for Secure AI
Interpret the 2023 GigaOm PTaaS Radar Report with HackerOne
Discover more with topics that matter to you most.
Generative AI
Generative Artificial Intelligence (GenAI) is ushering in a new era of how humans leverage technology. At HackerOne, we are combining human intelligence with artificial intelligence at scale to improve the efficiency of people and unlock entirely new capabilities.
Application Security
Learn how to prevent vulnerabilities in your applications. We cover current practices in application security, cloud security, API testing, and more.
Ethical Hacker
Ethical hackers, pentesters, and security researchers. We explain everything you need to know about them and how they can help your organization.
Company News
Stay informed of HackerOne partnerships, integrations, hackathon results, and other developments that keep HackerOne customers two steps ahead of cybercriminals.
Blogs From HackerOne's Former CEO
Read insights from HackerOne's Former Chief Executive Officer Marten Mickos.
Penetration Testing
Follow the latest practices in penetration testing, including API testing, application testing, external networks, internet-facing infrastructure, and more.
Public Policy
HackerOne advocates for policies and standards around the world that support our customers, advance protections for the hacker community, and promote adoption of cybersecurity best practices.
Vulnerability Management
We cover everything in vulnerability management including discovery, prioritization, assessment, disclosure, and remediation.
Engineering Blog
Inside HackerOne Engineering: developing for a safer digital world.
How HackerOne Disproved an MFA Bypass With a Spot Check
How an Improper Access Control Vulnerability Led to Account Theft in One Click
How an Information Disclosure Vulnerability Led to Critical Data Exposure
How a Cross-Site Scripting Vulnerability Led to Account Takeover
How a Business Logic Vulnerability Led to Unlimited Discount Redemption
The 8th Annual Hacker-Powered Security Report