Join HackerOne at the RSA Conference 2023 April 24-27
Stop by Booth #6279, North Expo Hall, for coffee on us.

Don’t have an expo hall pass yet? We can fix that! Request a complimentary expo hall pass to RSA 2023

The 6th Annual Hacker-Powered Security Report is here
Our latest report, with insights from 5,700+ hackers and the organizations that rely on them, is available now .

How large is your organization's attack resistance gap?

In just 5 minutes, this assessment sizes your unknown attack surface so you can start taking action to close your gap.

Take the Attack Resistance Assessment today

HackerOne Assets

Identify the unknown. Then secure it

Combine the power of attack surface management (ASM) with the reconnaissance skills of security researchers.

Watch the Demo

Security@ Beyond 2022: Webinar Series

The Learning Continues

Security@ 2022 may be over, but the insights it offered go far beyond the one-day event. This Security@ Beyond webinar series continues the conversation about how to protect your constantly evolving attack surface and stay ahead of emerging threats.

On-Demand Sessions

These Security@ Beyond on-demand sessions bring you thoughtful conversations from a variety of security leaders and ethical hackers, on topics ranging from rethinking ASM to taking a proactive approach to zero days.

  1. October 26, 8 AM PT

    Build Resistance to Attacks by Unlocking the Value of Ethical Hackers

    Attack surfaces are expanding, spurred on by the continuous release of new digital services and business transformation. In this session you will learn why it’s time to implement an attack resistance management strategy to find unknown risks missed by automated tools, then unlock the security expertise of ethical hackers to close critical gaps, rank risk and prioritize remediations across your attack surface. This session will include live demos of HackerOne's Attack Resistance Management portfolio.

  2. November 2, 8 AM PT

    Protecting Your Attack Surface: Beyond Automation

    Digital transformation, mergers and acquisitions, and cloud migrations have created a security gap. On average, 37% of an organization’s attack surface is unknown or unprotected, leaving the door wide open for a breach. Defensive security tactics and automated scanning cannot find these unknown, vulnerable assets that cybercriminals seek out.

    Join us for an introduction to HackerOne Assets, an attack surface management (ASM) solution that combines continuous automated scanning with a proactive risk assessment from a community of security experts so you can increase your resistance to attack. In this live session, you’ll learn how to:

    • Discover, inventory, risk-rank, and remediate unknown or rogue digital assets
    • Prioritize security testing with continual asset monitoring and tracking
    • Unify attack surface status in a single view to accelerate remediation actions and enable real-time reporting

  3. Nov 16, 8 am PT

    Why Isn’t Anyone Paying Bounties for Zero Days?

    What’s your definition of a zero day? Exactly what a zero day is, and how one should be tackled when it comes to bug bounty, has been a contentious issue for years. Drawing on his experience at Project Zero and as a longstanding member of the hacking community, Chris will explore the evolution of zero days, from Stuxnet to Log4j. He will explain why zero days are not usually rewarded in bug bounty programs and why Log4j was unique in this regard, drawing on hacker and customer data and stories from the incident. Chris will share his philosophy on a ‘pay for value’ approach to zero days and how progressive CISOs can work alongside the hacking community to reduce the risk from zero days, in whichever definition applies.

See what you missed at the Security@ main event

6+ hours of on-demand content to choose from

Watch Now