HackerOne Leads AI-Driven Innovation

Uploaded on 2024-03-22 in TECHNOLOGY--Resilience, FREE TO VIEW, TECHNOLOGY-Key Areas-Artificial Intelligence

HackerOne, the leader in human-powered security, has recently announced new AI augmentations that integrate the company’s human intelligence with the transformative power of Artificial Intelligence (AI). 

HackerOne has launched the beta version of its GenAI co-pilot, Hai, that will help customers interpret their vulnerability reports and provide additional insights and advice on remediation.

HackerOne has also accelerated its AI red teaming offering with customer and hacker growth in the AI space.

Hai introduces GenAI capabilities into the HackerOne Platform. The co-pilot can transform natural language into a query, provide additional relevant context on vulnerability reports, and use platform data to provide recommendations.

Hai has become an integral part of HackerOne’s triage workflow, helping the industry’s largest in-house analyst team push boundaries and continue to set world-class response times.

Hai’s Benefits for Customers Include:

  • Synthesising Complex Vulnerability Data:
    Whether faced with intricate reports or technical details, Hai provides easily understandable explanations of vulnerabilities, enhancing comprehension and analysis.
  • Generating Powerful Nuclei Templates with Ease:
    Enhance Nuclei scanner consistency by asking Hai to craft customised templates, automating vulnerability detection and preventing regressions.
  • Accessing Tailored Remediation Advice:
    Determine the best approach to fixing a vulnerability by analysing it with Hai and receiving personalised remediation advice.
  • Improving Hacker Communication:
    Ask Hai to craft elegant and succinct messages to hackers on your behalf, enhancing collaboration.

“Hai has significantly reduced the time my team spends sifting through bug reports or creating responses, allowing us to focus more on resolving and communicating vulnerabilities quickly,” said Alexander Hagenah, Head of Cyber Controls at Six Group.  “It bridges the gap between our technical reports and our internal audience, enhancing the value of our HackerOne program by making actionable insights accessible to everyone.”

At the same time, HackerOne has expanded its AI Red Teaming offering for customers who are either in the AI space or are deploying GenAI tools in their own products and services.

HackerOne’s community of curated hackers who specialise in exploring the possibilities and security issues in GenAI are helping customers develop their tools and features safely and securely by stress-testing their deployments. HackerOne offers both AI safety and AI security red teaming exercises, which can take the form of pentest engagements, security assessments, or bug bounty programs.

Since January 2023, over 200 unique hackers have submitted over 1200 safety and security vulnerabilities affecting AI deployments, with over $230,000 paid out in bounties.

HackerOne customers can now test drive Hai using the platform by navigating to the beta features page and enabling Hai. Future iterations of Hai will be made available to hackers also. To find out more about AI red teaming, register for the upcoming "Ask Me Anything" (AMA) session with three ethical hackers specialising in AI security and safety.

Image:  BrianAJackson

You Might Also Read:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« Manufacturing Firms Suffer From Under-Performing Cyber Security Providers
British Police Are Innovating With Data Analytics »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CERT.hr

CERT.hr

CERT.hr is the national authority competent for prevention and protection from computer threats to public information systems in the Republic of Croatia.

SafeCharge

SafeCharge

SafeCharge is a global provider of technology-based multi-channel payments services and risk management solutions for demanding businesses.

OneWelcome

OneWelcome

Onegini and iWelcome have merged to become OneWelcome, the largest European Identity Access Management Saas Vendor.

ESNC

ESNC

ESNC’s vulnerability management and real-time SAP security monitoring solutions help largest corporations in the world to effectively prioritize SAP security tasks and secure their business.

Araxxe

Araxxe

Araxxe delivers Revenue Assurance, End-to-End Billing Verification and Interconnect Fraud Detection solutions to communication companies worldwide.

Nucleon

Nucleon

Nucleon enables cybersecurity tools, organizations and software developers to become proactive by blocking threats before they become breaches.

SDG Corp

SDG Corp

SDG is a global cybersecurity, identity governance, risk consulting and advisory firm, addressing complex security, compliance and technology needs.

Ekco

Ekco

Ekco is one of Europe’s leading managed cloud providers. With a network of infrastructure and security specialists across Europe, we’ve perfected our approach to supporting digital transformation.

Digital Security by Design (DSbD)

Digital Security by Design (DSbD)

Digital Security by Design is an initiative supported by the UK government to transform digital technology and create a more resilient, and secure foundation for a safer future.

Obscure Technologies

Obscure Technologies

Obscure Technologies is a firm of experts, specialised in brokering the best security solutions to market.

CypherEye

CypherEye

CypherEye is a next generation trust platform that advances the current state of Multi-factor Authentication (MFA) to enable highly secure, private and auditable cyber-transactions.

Theta

Theta

Theta is a New Zealand owned technology consultancy. Our team of over 330 experienced professionals help organisations transform with technology.

LevelBlue

LevelBlue

LevelBlue simplify cybersecurity through award-winning managed security services, experienced strategic consulting, threat intelligence and renowned research.

STACK Cybersecurity

STACK Cybersecurity

STACK Cybersecurity serves as a strategic partner, guiding you through the intricate and dynamic cybersecurity landscape.

Silicon Valley Cybersecurity Institute (SVCSI)

Silicon Valley Cybersecurity Institute (SVCSI)

SVCSI aims to investigate, develop, and promote technical excellence and the best security practices for dependable and secure systems and applications.

HeroDevs

HeroDevs

HeroDevs is the trusted leader in providing secure, long-term support for deprecated open-source software.