5 Security Stages of the DevSecOps Pipeline

DevSecOps builds on modern DevOps practices by incorporating security processes and automation into the development pipeline. This enables development teams to continue the rapid and continuous delivery trend while improving software assets' security. The DevSecOps pipeline follows the familiar DevOps “infinity loop” structure while incorporating some extra steps to ensure code security before, during, and after it’s pushed to production.


https://www.hackerone.com/application-se...s-pipeline

A Thank You to the Hacker Community, From HackerOne

When I joined HackerOne last year, the vitality of the hacker community drew me to this organization. And as Chief Hacking Officer, I see the impact this community makes daily. Together, we’ve identified nearly 300,000 vulnerabilities through our programs — 300,000 fewer ways cybercriminals can harm society. That’s why I'm here to say thank you on behalf of our customers and everyone at HackerOne.


https://www.hackerone.com/ethical-hacker...-hackerone

Introducing HackerOne Assets

Understanding where the critical flaws lie within your organization's attack surface is critical—but complicated. After all, your attack surface includes your infrastructure, network, software, applications, devices, and the extended supply chain. But it doesn’t stop there. Digital transformation, cloud adoption, the shift to remote work, mergers and acquisitions (M&A), and shadow IT further muddy the waters for today’s security leaders.


https://www.hackerone.com/vulnerability-...one-assets

Introducing Program Levels: Hacker-friendly Practices that Improve Program Results

The ethical hacker community is one of the most powerful security resources available to any organization. We’ve worked with this community firsthand for the last decade and have witnessed their effectiveness and ingenuity. We’ve also learned a lot while helping organizations engage the world’s largest community of ethical hackers. 

Today, we’re pleased to announce a new tool to align your program with the state-of-the-art and signal your program maturity: Program Levels, a structured framework that lets programs level up by publicly committing to certain best practices.


https://www.hackerone.com/company-news/i...am-results

HackerOne Assets Deep Dive: Asset Inventory




https://www.hackerone.com/vulnerability-...-inventory

Jedox’s Journey with HackerOne: A Q&A with CTO, Vladislav Maličević

Jedox secures their cloud - and their customers - with HackerOne Assessments and HackerOne Bounty. Read this blog to learn how they're creating a best-in-class cybersecurity program thanks to ethical hackers.


https://www.hackerone.com/best-practices...-malicevic

How to Use Bug Bounty Program Data to Improve Security and Development

Bug bounty program data tells a story—but which story?

Tracking program metrics can help organizations identify issues, spot opportunities, and take corrective actions. To do this, stakeholders must know which metrics to track and how to interpret the results.


https://www.hackerone.com/vulnerability-...evelopment

Grab Celebrates 5 Years on HackerOne

"Just five years ago, leading rideshare, food delivery, and payments company Grab, became one of the first companies in Southeast Asia to implement a hacker-powered security program. In just three years Grab became one of the Top 20 bug bounty programs on HackerOne worldwide."




https://www.hackerone.com/company-news/g...-hackerone

LINE on Securing the Application Development Lifecycle with Bug Bounties

HackerOne has a large hacker community and the platform necessary to operate LINE’s bug bounty program. By using HackerOne’s platform and welcoming the community, LINE can increase operational efficiency. Through the partnership with HackerOne, we can share new bugs and learn from the vulnerability trends on the Platform while also getting a guide that helps us create a successful bug bounty program.



https://www.hackerone.com/application-se...g-bounties

2020 Hacker Community Year in Review

From CTF’s to virtual live hacking events and more, check out this recap of the initiatives HackerOne hosted for the hacker community in 2020.



https://www.hackerone.com/community-blog...ear-review