The Rise of Misconfiguration and Supply Chain Vulnerabilities

The vulnerability of supply chains has been top of mind since the SolarWinds attack, which still dominates headlines, but last week's Singtel breach also reflects the rise of breaches triggered by misconfiguration vulnerabilities.


https://www.hackerone.com/vulnerability-...rabilities

Commerce Giant Shopify Kicks Off 2021 with HackerOne (Virtual) Live Hacking Event: h

HackerOne’s first virtual live hacking event of the year kicked off with Shopify in January 2021. Read this blog post to learn more about how Shopify builds relationships with hackers through live events like h1-2102, and find out who the award winners are.


https://www.hackerone.com/community-blog...nt-h1-2102

PayPal is our Virtual Pal

HackerOne's second virtual live hacking event with event partners, PayPal to share experiences from the event.


https://www.hackerone.com/vulnerability-...irtual-pal

The Rise of IDOR

Insecure Direct Object References (or IDOR) is a simple bug that packs a punch. Discover where they’re most common, explore real-world examples, and learn prevention tips from hackers.


https://www.hackerone.com/company-news/rise-idor

Security@ 2021 Call for Speakers is Open

HackerOne’s global hacker-powered security conference, Security@, is back for its fifth year. This year’s virtual event will take place September 20, 2021. The call for speakers is now open! You have until May 15, 2021, to submit your talk.


https://www.hackerone.com/company-news/s...akers-open

Reddit's Bug Bounty Program Kicks Off: Q&A with Reddit's Allison Miller and Spencer

HackerOne sat down with Reddit’s CISO and VP of Trust, resident Security Wizard, and top hacker to discover the secrets to Reddit’s bug bounty success, explore their goals and key results, delve into how they use hackers to scale security across software development, and gain a unique perspective about what it’s like to hack one of the world’s leading social networks.


https://www.hackerone.com/application-se...encer-koch

How HackerOne Helps the Vulnerability Management Process

HackerOne sees vulnerability management as a process combining software tools and security analyst actions to reduce risk. In many cases, successful Vulnerability Management requires a joint effort between security operations, who find vulnerabilities, and IT operations responsible for fixing, or patching, vulnerabilities.


https://www.hackerone.com/vulnerability-...nt-process

Saxo Bank Celebrates One Year of Bug Bounties: Q&A with CISO Mads Syska Hasling




https://www.hackerone.com/vulnerability-...ka-hasling

A Security Engineer and Hacker Share Their Experiences with Security Assessments

A few weeks ago, HackerOne and PortSwigger teamed up to shine a light on the innovative ways that customers and security analysts are scaling risk assessments. Read on for key learnings.


https://www.hackerone.com/ethical-hacker...ssessments

Why water leaks are a headache for the EV boom

<p>As automakers and battery producers quickly ramp up to mass production of EVs, they need to look out for water leaks.</p>

https://www.autonews.com/technology/infi...-batteries