Skip to main content

Vulnerability Management

We cover everything in vulnerability management including discovery, prioritization, assessment, disclosure, and remediation.

Vulnerability Management

Level Up Your Bug Bounty Effectiveness, Part II: Operational Areas to Continuously Improve

Hacker Engagement

First impressions matter! Win hackers over early on and create “anchor” hackers - program stalwarts that learn all about the...

Vulnerability Management

5 Articles to Get You Up-to-Speed on Bug Bounty Programs

Many organizations use bug bounty programs to help them protect their ever-expanding attack surface and...

Application Security, Vulnerability Management

Security Highlights: New CWE Rankings, Software Supply Chains, and Side-Channel Attacks

MITRE Releases 2022 CWE Top 25 The popular CWE Top 25 list, which ranks the most dangerous software...
Vulnerability Management

HackerOne’s In-Depth Approach to Vulnerability Triage and Validation

Like triaging in a hospital emergency room, security issues must be diagnosed and handled by an expert as soon...
Ethical Hacker, Vulnerability Management

How Bug Bounty Uncovered A 5-Year-Old Vulnerability In Hours

When PullRequest was acquired, these concerns became HackerOne’s challenges. When we finalized the acquisition...
Vulnerability Management

CISOs: Do You Know the Security Risks of Your Organization's Next M&A?

An ever-expanding attack surface is a global concern for most organizations and complicates an M&A, especially...

Vulnerability Management

How to Catch Injection Security Vulnerabilities in Code Review

Injection vulnerabilities result from insecure handling of user inputs. They are relatively simple to fix once...

Vulnerability Management

How Critical Infrastructure Can be Protected from Threats

Accessing a major critical infrastructure network is very appealing to cybercriminals, as they can maximize...

Security Compliance, Vulnerability Management

What Is a Security.txt File and How Can It Help Your Program?

Security.txt is a security mechanism that allows your organization to provide its vulnerability disclosure...