HackerOne Blog

The latest from HackerOne

When Discovery Is Cheap, Validation Is Priceless for Reducing Risk

March 26, 2026

AI is making vulnerability discovery cheap. CTEM only reduces risk when teams validate exploitability, remediate, and retest to prove fixes hold.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Exposure Management

Hai

When Security Teams Can Prove Exposure Risk, They Can Reduce It Faster

April 30, 2026

Meet new Hai capabilities that validate exploitability, reduce triage noise, and help security and engineering move from findings to fixes faster.

Exposure Management

We Benchmarked Opus 4.7 on Vulnerability Validation. Here's What We Found.

April 21, 2026

We benchmarked Claude Opus 4.7 on code-backed vulnerability validation. See accuracy gains, fewer false positives, and what it means for triage.

Exposure Management

Some CISOs Feel Prepared for AI, Some Don’t: Here’s the Difference

April 17, 2026

HackerOne’s 2026 research shows AI adoption is outpacing security testing. Continuous security testing with seven methods helps CISOs close the coverage gap.

Exposure Management

Finding Fast, Fixing Slow: The Crisis of Asymmetric Remediation

April 17, 2026

AI vulnerability discovery is accelerating fast, but remediation is not. See why backlogs compound, why validation matters, and what to change now.

Exposure Management

The Vulnerability Apocalypse Is a Remediation Crisis

April 15, 2026

Move from periodic testing to continuous intake, faster validation, and systemic fixes for recurring bug classes. A data-backed case for retooling remediation.

Exposure Management

Hai

From Report to Remediation: A Real-World XSS Validation Workflow

April 14, 2026

A real-world XSS workflow shows how continuous security validation helps teams prove exploitability and confirm fixes faster with reusable evidence.

Exposure Management

Response

3 Principles for Modern VDPs: How AWS Keeps Vulnerability Disclosure Working at Massive Scale

April 9, 2026

AWS shows how modern vulnerability disclosure scales: design for scale, optimize time to context, and eliminate vulnerability classes with HackerOne.

Pentest as a Service

Why Real-World Testing Makes Agentic Pentesting Smarter Over Time

April 9, 2026

Agentic pentesting improves fastest in production. See how real-world testing plus validated feedback boosts accuracy, coverage, and reliability over time.

HackerOne News

Responsible AI at HackerOne: 2026 Update

April 9, 2026

A 2026 update on HackerOne’s responsible AI: human oversight for sensitive actions, stateless inference, no-training commitments, and open validation.