New Security Inbox & Dashboard

At HackerOne, we're on a mission to empower the world to build a safer internet. Better security begins with a quality vulnerability coordination process, and our free platform enables your team to seamlessly manage the entire workflow. Think of it as a replacement for your old shared security inbox.


https://www.hackerone.com/vulnerability-...-dashboard

Introducing Reputation

One of the primary challenges when running a vulnerability coordination program is distinguishing the signal from the noise. Today, we're introducing a new reputation system to make running a program even easier.


https://www.hackerone.com/ethical-hacker...reputation

Jingle Bugs - How to Rock in a Hard Place

With the end of 2014 dashing to a close and 2015 just over the hill, let's take a moment to look at the ghosts of bugs and breaches past. Vulnerability coordination, disclosure, and incident response have never been more important to get right. What could happen if we make adjustments in the way we approach security and how could that impact the bugs that will inevitably be delivered to both the naughty and nice in the future?


https://www.hackerone.com/application-se...hard-place

Proposed Changes to the Computer Fraud and Abuse Act, Austin Powers, and You

Many security professionals, hackers, lawyers, law enforcement, and members of the media are keenly interested in the White House's proposed changes to laws affecting Internet security. Among the proposed amendments to the Computer Fraud and Abuse Act (CFAA), some of the proposed changes that represent the biggest concerns center around expanded language that pose an increased risk to performing many vulnerability research and security testing activities, and even reporting on breaches.


https://www.hackerone.com/security-compl...rs-and-you

What's in a Name?

While there are many interpretations of the word "hacker," we choose to pay homage to the original MIT hackers by using the term in our company name. We favor their early definition of a hacker: "one who enjoys the intellectual challenge of creatively overcoming limitations."


https://www.hackerone.com/ethical-hacker/whats-name

The Wolves of Vuln Street - The First System Dynamics Model of the 0day Market

HackerOne has been working with economics and policy researchers from MIT and Harvard to study the economic forces behind the 0day market. Here's what they found.


https://www.hackerone.com/vulnerability-...day-market

Where's that Security@?

HackerOne is launching the Directory: a community-curated resource for identifying the best way to contact an organization's security team.


https://www.hackerone.com/company-news/wheres-security

6 Tools Slated To Come Out Of Black Hat

In anticipation of the show, here at Within Security we've scoped out some of the top tools slated for release by researchers scheduled to talk at Mandalay.


https://www.hackerone.com/application-se...-black-hat

6 Reasons Your Security Recruiting Sucks

As we discussed in our previous blog, the security skills shortage may not be quite as real as some industry reports claim it to be. But that doesn't mean it's easy to recruit and retain talented professionals into the industry. It just means many organizations are blaming market dynamics for their own shortcomings.


https://www.hackerone.com/ethical-hacker...ting-sucks

411 for Hackers: Disclosure Assistance

HackerOne introduces Disclosure Assistance to help hackers reach organizations that don't have official vulnerability reporting processes.


https://www.hackerone.com/vulnerability-...assistance