H1-702 2018 makes history with over $500K in bounties paid!

Five straight nights of hacking with over 75 hackers representing 20+ countries hacked five targets earning over $500,000. It was the largest and most successful live hacking event ever.


https://www.hackerone.com/ethical-hacker...nties-paid

Highlights of New York’s Cybersecurity Regulation 23 NYCRR Part 500

Effective March 1, 2017, the New York State Department of Financial Services (NYDFS) promulgated 23 NYCRR Part 500, a regulation establishing cybersecurity requirements for financial services companies. Beginning today, September 4, 2018, Sections 500.06, 500.08, 500.13, 500.14(a) and 500.15 of 23 NYCRR Part 500 will be enforceable.


https://www.hackerone.com/security-compl...r-part-500

Introducing the Hacker101 CTF

Capture flags all day and night in our newly launched CTF, available 24/7 at ctf.hacker101.com.


https://www.hackerone.com/ethical-hacker...ker101-ctf

The AWS Shared Responsibility Model: 3 Areas of Improvement to Make Today, Part 1

Migrating to the cloud means sharing responsibility for security with the cloud provider. Read about one important part of the shared responsibility model: keeping your private keys private. Discover how to prevent your secrets from escaping the cloud.


https://www.hackerone.com/application-se...day-part-1

Top Firewall Misconfigurations that Lead to Easy Exploitations by Attackers

Migrating to the cloud means sharing responsibility for security with the cloud provider. Read about one important part of the shared responsibility model: keeping your cloud network secure. Discover how to protect your cloud networks from attackers.


https://www.hackerone.com/vulnerability-...loitations

Streamline Every Aspect of Your Responsible Disclosure Policy with HackerOne Response

HackerOne Response is our turnkey solution offering enterprise-grade security and conformance with ISO-29147 (vulnerability disclosure) and ISO-30111 (vulnerability handling). It allows vulnerability management teams to work directly with external third-parties to resolve critical security vulnerabilities before they can be exploited.


https://www.hackerone.com/vulnerability-...-hackerone

How Hacktivity Can Save Your Company: Experts Weigh In

Hacktivity can save your company.  Take help from hackers.  You can’t do it alone.  Approach hackers with an assumption of benevolence, and develop relationships with them.  Don’t find out about a vulnerability for the first time on Twitter.  How do you defend yourself against people who get up in the morning, put on their flip flops (or military uniform) and do nothing but think about how to attack you?  These were themes at the Atlantic Council’s panel on coordinated vulnerability disclosure (CVD) on September 18 in Washington, D.C.   


https://www.hackerone.com/ethical-hacker...s-Weigh-In

The AWS Shared Responsibility Model: 3 Areas of Improvement to Make Today Part 3: Lo

Migrating to the cloud means sharing responsibility for security with the cloud provider. Read about one important part of the shared responsibility model: logging, monitoring, and alerting in an AWS environment. Discover the tools available to help you always know what is happening in your environment.


https://www.hackerone.com/application-se...day-Part-3

The U.S. Marine Corps Resolves Nearly 150 Vulnerabilities Thanks to Hackers

Hack the Marine Corps, the U.S. Depart of Defense’s (DoD) six public bug bounty challenge, officially concluded and the results are in! Over 100 ethical hackers tested public-facing Marine Corps websites and services in an effort to harden the defenses of the Marine Corps Enterprise Network (MCEN). Over the 20 days of the hacking challenge, hackers reported nearly 150 unique valid vulnerabilities to the U.S. Marine Corps Cyberspace Command (MARFORCYBER) team and were awarded over $150,000 for their findings.


https://www.hackerone.com/vulnerability-...ks-hackers

Say Yes To Cyber Help

We are seeing tremendous growth at HackerOne. Bug bounty programs, vulnerability disclosure policies, and crowdsourced pentests are needed by anyone entrusted with protecting customer data. To serve our rapidly expanding customer base, we have tripled our headcount in the past 12 months and opened new offices in New York, Washington D.C. and Singapore, in addition to our San Francisco, London and Netherlands offices.


https://www.hackerone.com/company-news/s...cyber-help