HackerOne Blog

Code Security

Return on Mitigation

Code Security

Code

The Cost Savings of Fixing Security Flaws in Development

February 25th, 2025

There’s no debate that catching and fixing security flaws in development saves time, money, and stress.

Read Now

All

Cloud Security

Code Security

Crowdsourced Security

Culture & Talent

Defense in Depth

From the CEO

HackerOne News

Offensive Security

Public Policy

Return on Mitigation

Security Compliance

Security Research

Exposure Management

Code Security

Shai-Hulud 2.0: What Security Leaders Need to Do Now

November 26th, 2025

Shai-Hulud 2.0 is a self-replicating npm malware campaign exposing secrets and compromising CI/CD pipelines. Learn how to respond and reduce risk.

Code Security

Code

Scaling Expert Oversight of AI: HackerOne's Human-in-the-Loop Methodology

August 21st, 2025

How HackerOne Code scales secure AI with HiTL validation, combining expert oversight, Explainable AI, and continuous feedback loops.

Code Security

What is CVE-2025-53770? A Critical Microsoft SharePoint Vulnerability and How to Respond

July 23rd, 2025

CVE-2025-53770 is a critical Microsoft SharePoint vulnerability now under active exploitation. Learn how to respond, assess exposure, and improve visibility with proactive security strategies.

Code Security

How AI Can Navigate Code and Catch Complex Vulnerabilities

April 7th, 2025

One of the questions HackerOne Engineering set out to answer early on was: “Can an...

Return on Mitigation

Code Security

Code

The Cost Savings of Fixing Security Flaws in Development

February 25th, 2025

There’s no debate that catching and fixing security flaws in development saves time, money, and stress.

Exposure Management

Code Security

Code

Resurrecting Shift-Left With Human-in-the-loop AI

January 16th, 2025

Let's explore how human-in-the-loop AI can help implement successful secure-by-design.

Code Security

A Guide To Subdomain Takeovers 2.0

September 25th, 2024

Learn the ins and outs of understanding subdomain configurations with current resources and tools from an expert security researcher.

An ethical hacker finding an XSS vulnerability

Code Security

Security Research

How to Find XSS

June 25th, 2024

Security researcher Haoxi Tan breaks down the best practices and tools for finding the different types of XSS vulnerabilities.

Code Security

Ensuring Robustness in DynamoDB Operations: The Role of ReturnValuesOnConditionCheckFailure

April 10th, 2024

In the realm of modern software development, where data integrity and consistency are paramount, leveraging...