Current News

HackerOne Validates MFA Security Through Targeted Spot Check

/ MFA, security, vulnerability management, HackerOne, cybersecurity

HackerOne Validates MFA Security Through Targeted Spot Check

On July 4, 2024, HackerOne was alerted to claims about a possible Multi-Factor Authentication (MFA) bypass in its platform, allegedly posted by a threat actor on social media. With no substantial evidence presented, the HackerOne Securit...

Read More...

HackerOne's Fall Day of Service: Community Impact and Employee Engagement

/ HackerOne, Community Service, Employee Engagement, Volunteering, Social Responsibility

Together for Change

In the vibrant backdrop of autumn, employees from HackerOne gathered for their Fall Day of Service, an initiative aimed at fostering community connection and promoting social values. This event took place across various locations in the United States and the Netherlands, with o...

Read More...

The Overlooked Threat of Business Logic Vulnerabilities

/ Cybersecurity, Business Logic Vulnerability, Stripe, HackerOne, Ethical Hacking

The Overlooked Threat of Business Logic Vulnerabilities

Understanding Business Logic Vulnerabilities

Business logic vulnerabilities can have dire consequences if not properly addressed. Recently, a glaring example occurred within the Stripe payment platform, which allowed hackers to exploit weak...

Read More...

Understanding Improper Access Control Vulnerabilities and Their Real-World Impacts

/ Cybersecurity, Access Control, Vulnerabilities, Data Protection, HackerOne

Understanding Improper Access Control Vulnerabilities and Their Real-World Impacts

Improper access control vulnerabilities have emerged as a significant threat within the cybersecurity landscape, most notably highlighted in HackerOne's 8th Annual Hacker-Powered Security Report. Released recently,...

Read More...

Understanding Cross-Site Scripting Vulnerabilities and Their Implications

/ XSS, Cybersecurity, Vulnerabilities, HackerOne, Account Takeover

When, Where, Why, Who, and How of XSS Vulnerabilities

On January 8, 2024, the HackerOne platform released details regarding Cross-Site Scripting (XSS) vulnerabilities, which consistently rank as the most prevalent issue in bug bounty programs and testing. This form of vulnerability facilitates att...

Read More...

Enhancing Election Security: Collaborative Vulnerability Testing

/ Election Security, Vulnerability Testing, HackerOne, IT-ISAC, Ethical Hacking

In the lead-up to the upcoming election season, a groundbreaking live hacking event was conducted by HackerOne in partnership with the Information Technology - Information Sharing and Analysis Center (IT-ISAC). Held to ensure the integrity of voting systems, this collaborative initiative brought tog...

Read More...

Navigating the Global Vulnerability Disclosure Landscape with HackerOne

/ HackerOne, Cybersecurity, Vulnerability Disclosure, Policy, Compliance

Introducing the Global Vulnerability Policy Map

To help organizations navigate the complex landscape of Vulnerability Disclosure Policies (VDPs), HackerOne has introduced an innovative tool - the Global Vulnerability Policy Map. This interactive, map-based tracker empowers users to easily identify...

Read More...

Navigating the HackerOne Recruitment Journey

/ Recruitment, HackerOne, Career, Job Application, Interview Process, Onboarding

Considering a career at HackerOne? Here's what you need to know about our recruitment process, from applying to getting onboarded as part of our team.

Application Review

When you submit your application, our recruitment team carefully evaluates your experience and skills to see how they match th...

Read More...