Key Findings From The Hacker-Powered Security Report: Vulnerability Disclosure Polic

The Hacker-Powered Security Report found that, despite increased bug bounty program adoption and recommendations from federal agencies, 94 percent of the top publicly-traded companies do not have known vulnerability disclosure policies (VDP).


https://www.hackerone.com/vulnerability-...disclosure

Aim High...Find, Fix, Win!

It took just under a minute for hackers to report the first security vulnerability to the U.S. Air Force. Twenty-five days later when the Hack the Air Force bug bounty challenge concluded, 207 valid vulnerabilities had been discovered. Hackers will be awarded more than $130,000 for making the Air Force more secure.


https://www.hackerone.com/ethical-hacker...nd-fix-win

Vulnerability Disclosure Policy Basics: 5 Critical Components

Vulnerabilities are found every day by security researchers, friendly hackers, customers, academics, journalists, and tech hobbyists. Because no system is entirely free of security issues, it's important to provide an obvious way for external parties to report vulnerabilities.


https://www.hackerone.com/vulnerability-...components

Capture The Flag Solution: reversing the password

Last week, a mini Capture The Flag (CTF) was posted about a criminal who changed Barry’s password. The challenge was to come up with the password the criminal chose. This blog will explain how the CTF could be solved.


https://www.hackerone.com/ethical-hacker...g-password

Key Findings From The Hacker-Powered Security Report: Security Vulnerabilities Worr

We surveyed our customers to see what their security focus is. Read the summarized data of our survey results that are published in the Hacker-Powered Security Report.


https://www.hackerone.com/vulnerability-...ties-worry

What Happens in Vegas...Stays on Hacktivity

H1-702 was HackerOne’s second annual live-hacking event held in Las Vegas. It’s hosted during Security Summer Camp: Where security teams, hackers, feds, and fans attend the trifecta of events: Black Hat, DEF CON, and BSides Las Vegas.


https://www.hackerone.com/ethical-hacker...hacktivity

Slack Integration 2.0: Notification Filters, Multiple Channels, & Username Mentions

Today we’re announcing an enhanced Slack integration which allows teams to customize their HackerOne notifications and support their own unique workflows. The new integration features include: granular notification settings, ability to configure multiple channels, and username mention notifications.


https://www.hackerone.com/company-news/s...e-mentions

Celebrating $20M in Bounties with a Recap of Our Top 20 Up Voted Reports on Hacktivi

In honor of our $20M in bounties paid out to hackers, we revisit some of the top most up voted reports ever submitted on HackerOne.


https://www.hackerone.com/ethical-hacker...hacktivity

$20M in Bounties Paid and $100M In Sight

Over 50,000 vulnerabilities found and fixed. Over 100,000 hackers strong in the HackerOne community. Over $20 million paid in bounties to those who help make the connected world more secure.


https://www.hackerone.com/ethical-hacker...100m-sight

$20,000,000: Time to split bounties!

We are excited to announce bounty splitting! A feature designed to give back to those other hackers who helped you find that RCE!


https://www.hackerone.com/company-news/2...t-bounties