HackerOne Leads AI-Driven Innovation

Uploaded on 2024-03-22 in TECHNOLOGY--Resilience, FREE TO VIEW, TECHNOLOGY-Key Areas-Artificial Intelligence

HackerOne, the leader in human-powered security, has recently announced new AI augmentations that integrate the company’s human intelligence with the transformative power of Artificial Intelligence (AI). 

HackerOne has launched the beta version of its GenAI co-pilot, Hai, that will help customers interpret their vulnerability reports and provide additional insights and advice on remediation.

HackerOne has also accelerated its AI red teaming offering with customer and hacker growth in the AI space.

Hai introduces GenAI capabilities into the HackerOne Platform. The co-pilot can transform natural language into a query, provide additional relevant context on vulnerability reports, and use platform data to provide recommendations.

Hai has become an integral part of HackerOne’s triage workflow, helping the industry’s largest in-house analyst team push boundaries and continue to set world-class response times.

Hai’s Benefits for Customers Include:

  • Synthesising Complex Vulnerability Data:
    Whether faced with intricate reports or technical details, Hai provides easily understandable explanations of vulnerabilities, enhancing comprehension and analysis.
  • Generating Powerful Nuclei Templates with Ease:
    Enhance Nuclei scanner consistency by asking Hai to craft customised templates, automating vulnerability detection and preventing regressions.
  • Accessing Tailored Remediation Advice:
    Determine the best approach to fixing a vulnerability by analysing it with Hai and receiving personalised remediation advice.
  • Improving Hacker Communication:
    Ask Hai to craft elegant and succinct messages to hackers on your behalf, enhancing collaboration.

“Hai has significantly reduced the time my team spends sifting through bug reports or creating responses, allowing us to focus more on resolving and communicating vulnerabilities quickly,” said Alexander Hagenah, Head of Cyber Controls at Six Group.  “It bridges the gap between our technical reports and our internal audience, enhancing the value of our HackerOne program by making actionable insights accessible to everyone.”

At the same time, HackerOne has expanded its AI Red Teaming offering for customers who are either in the AI space or are deploying GenAI tools in their own products and services.

HackerOne’s community of curated hackers who specialise in exploring the possibilities and security issues in GenAI are helping customers develop their tools and features safely and securely by stress-testing their deployments. HackerOne offers both AI safety and AI security red teaming exercises, which can take the form of pentest engagements, security assessments, or bug bounty programs.

Since January 2023, over 200 unique hackers have submitted over 1200 safety and security vulnerabilities affecting AI deployments, with over $230,000 paid out in bounties.

HackerOne customers can now test drive Hai using the platform by navigating to the beta features page and enabling Hai. Future iterations of Hai will be made available to hackers also. To find out more about AI red teaming, register for the upcoming "Ask Me Anything" (AMA) session with three ethical hackers specialising in AI security and safety.

Image:  BrianAJackson

You Might Also Read:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« Manufacturing Firms Suffer From Under-Performing Cyber Security Providers
British Police Are Innovating With Data Analytics »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Cynet

Cynet

Cynet simplifies security by providing a rapidly deployed, comprehensive platform for detection, prevention and automated response to advanced threats with near-zero false positives.

Aqua Security Software

Aqua Security Software

Aqua Security helps enterprises secure their cloud native applications from development to production, whether they run using containers, serverless, or virtual machines.

The Media Trust

The Media Trust

The Media Trust continuously scans websites, ad tags and mobile apps and alerts on anomalies affecting websites and visitors.

Asia Data Destruction (ADD)

Asia Data Destruction (ADD)

ADD is the leading IT Assets Disposal and Data Destruction Company in Thailand.

Palantir

Palantir

Palantir software empowers entire organizations to answer complex questions quickly by bringing the right data to the people who need it.

Ross & Baruzzini

Ross & Baruzzini

Ross & Baruzzini delivers integrated technology, consulting, and engineering solutions for safe, sustainable, and resilient facilities.

Intaso

Intaso

Intaso are a boutique head hunting and talent solution firm with specialist Cyber and Information Security expertise.

Opus Security

Opus Security

Opus dramatically reduces cloud security risks by enabling teams to define, orchestrate, automate and measure remediation processes across the entire distributed organization.

InfoSec4TC

InfoSec4TC

InfoSec4tc is an online Information Security Courses, Training, and Consultancy provider.

O'Reilly Media

O'Reilly Media

O’Reilly’s help professionals learn best practices and discover emerging trends that will shape the future of the tech industry.

Unified Solutions

Unified Solutions

Unified Solutions provide a full continuum of cyber security services, compliance, and technology solutions.

X-Analytics

X-Analytics

X-Analytics is a cyber risk analytics application to create a better way for organizations to understand and manage cyber risk.

nodeQ

nodeQ

At nodeQ, we are pioneering the future of computer networks, leveraging our deep expertise in quantum communication, artificial intelligence, and software-defined networking.

US Insider Risk Management Center of Excellence (US-InRM)

US Insider Risk Management Center of Excellence (US-InRM)

The US-InRM Center of Excellence is a nonprofit organization dedicated to promoting private, public, and academic partnerships to foster knowledge sharing and resources to mitigate insider risk.

Aspiron Search

Aspiron Search

Aspiron Search is a niche-focused Cybersecurity search firm that works exclusively with venture-backed Cybersecurity firms.

Foresights

Foresights

Foresights is a Nordic company utilizing advanced intelligence tradecraft and extensive cyber security capabilities to deliver services and advisory tailored to our client’s critical requirements.