Healthy programs make for happy hackers. Introducing response SLAs

How do you measure the success of your HackerOne program? What are the top things hackers look for from security teams? Ever wonder how your peers at other companies are doing against their key performance indicators?

To answer these questions and more, today we’re launching our new response service level agreement (SLA) features to make it easier for you to maintain a healthy, responsive program.


https://www.hackerone.com/ethical-hacker...ponse-slas

GDPR: Let’s kill the FUD

It seems everywhere you look, the talk about GDPR is designed to scare you into action. Fear, uncertainty, and doubt (FUD) are powerful motivators. Probably the scariest thing of all: the potential fines. GDPR, on paper, allows for fines of up to €20 million ($24.5 million) or 4% of a company's global annual revenue. Here’s a quick (non-FUD-ified) list of some of what we see happening and how it may impact you.


https://www.hackerone.com/company-news/g...s-kill-fud

Q&A with HackerOne’s New Board Member: Kathryn Haun

We are thrilled to introduce HackerOne's new board member Kathryn Haun. Katie is a former U.S. Department of Justice (DOJ) federal prosecutor, Stanford Business School Lecturer and serves on the board of Coinbase. With cybersecurity affecting every industry, every entity, and every person who is digitally connected, Katie thinks one of the best ways to protect against nefarious actors is to provide a safe environment for ethical hackers to beat them to the punch.


https://www.hackerone.com/company-news/q...thryn-haun

New Hacker101 Content: Threat modeling, Burp basics, and more

Since January, thousands of hackers have expressed their enthusiasm about the first Hacker101 content drop (almost 80,000 total video views and 8,800+ stars on GitHub in just six months!); and now it's time to take things to the next level.


https://www.hackerone.com/ethical-hacker...s-and-more

Morrison & Foerster’s David Newman: How Corporate Counsel Should Approach Hacker-P

Interview with MoFo’s David Newman, of counsel in the National Security and Global Risk & Crisis Management practices. We asked David a few questions related to his work for clients on hacker-powered security, as well as what he’s seeing in the field as more and more organizations launch both vulnerability disclosure policies (VDP) and bug bounty programs.


https://www.hackerone.com/ethical-hacker...er-powered

The Hacker-Powered Security Report 2018

The Hacker-Powered Security Report 2018 is the most comprehensive report on hacker-powered security. Analysis of 78,275 security vulnerability reports received in the past year from ethical hackers that reported them to over 1,000 organizations through HackerOne.



https://www.hackerone.com/ethical-hacker...eport-2018

Software Vulnerability Disclosure in Europe: Summary and Key Highlights of the Europ

HackerOne’s summary review of the Software Vulnerability Disclosure in Europe Technology, Policies and Legal Challenges report.



https://www.hackerone.com/vulnerability-...highlights

Security@ 2018: Oath, DoD Highlight Value in Bringing Bug Bounties to Life

Most hacker-powered security happens remotely, with digital messaging being the typical communication channel. There’s no brainstorming together with a whiteboard, no chats over coffee, no conversations during the walk across the street for lunch. One of the many benefits of Security@ is the chance to bring hackers, developers, and security teams together to meet in real life.



https://www.hackerone.com/application-se...nties-life

Hacker101 CTF++: Find flags, get private bug bounty program invitations

Get rewarded with private invitations and work through the CTF as a group with our new release.



https://www.hackerone.com/application-se...nvitations

Test your hacking skills on real-world simulated bugs

Five sandbox environments of recently disclosed hacktivity reports available for anyone to test their hacking skills and see if they can replicate the same bug that was discovered. #hackon



https://www.hackerone.com/ethical-hacker...lated-bugs