HackerOne Leads AI-Driven Innovation

Uploaded on 2024-03-22 in TECHNOLOGY--Resilience, FREE TO VIEW, TECHNOLOGY-Key Areas-Artificial Intelligence

HackerOne, the leader in human-powered security, has recently announced new AI augmentations that integrate the company’s human intelligence with the transformative power of Artificial Intelligence (AI). 

HackerOne has launched the beta version of its GenAI co-pilot, Hai, that will help customers interpret their vulnerability reports and provide additional insights and advice on remediation.

HackerOne has also accelerated its AI red teaming offering with customer and hacker growth in the AI space.

Hai introduces GenAI capabilities into the HackerOne Platform. The co-pilot can transform natural language into a query, provide additional relevant context on vulnerability reports, and use platform data to provide recommendations.

Hai has become an integral part of HackerOne’s triage workflow, helping the industry’s largest in-house analyst team push boundaries and continue to set world-class response times.

Hai’s Benefits for Customers Include:

  • Synthesising Complex Vulnerability Data:
    Whether faced with intricate reports or technical details, Hai provides easily understandable explanations of vulnerabilities, enhancing comprehension and analysis.
  • Generating Powerful Nuclei Templates with Ease:
    Enhance Nuclei scanner consistency by asking Hai to craft customised templates, automating vulnerability detection and preventing regressions.
  • Accessing Tailored Remediation Advice:
    Determine the best approach to fixing a vulnerability by analysing it with Hai and receiving personalised remediation advice.
  • Improving Hacker Communication:
    Ask Hai to craft elegant and succinct messages to hackers on your behalf, enhancing collaboration.

“Hai has significantly reduced the time my team spends sifting through bug reports or creating responses, allowing us to focus more on resolving and communicating vulnerabilities quickly,” said Alexander Hagenah, Head of Cyber Controls at Six Group.  “It bridges the gap between our technical reports and our internal audience, enhancing the value of our HackerOne program by making actionable insights accessible to everyone.”

At the same time, HackerOne has expanded its AI Red Teaming offering for customers who are either in the AI space or are deploying GenAI tools in their own products and services.

HackerOne’s community of curated hackers who specialise in exploring the possibilities and security issues in GenAI are helping customers develop their tools and features safely and securely by stress-testing their deployments. HackerOne offers both AI safety and AI security red teaming exercises, which can take the form of pentest engagements, security assessments, or bug bounty programs.

Since January 2023, over 200 unique hackers have submitted over 1200 safety and security vulnerabilities affecting AI deployments, with over $230,000 paid out in bounties.

HackerOne customers can now test drive Hai using the platform by navigating to the beta features page and enabling Hai. Future iterations of Hai will be made available to hackers also. To find out more about AI red teaming, register for the upcoming "Ask Me Anything" (AMA) session with three ethical hackers specialising in AI security and safety.

Image:  BrianAJackson

You Might Also Read:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

« Manufacturing Firms Suffer From Under-Performing Cyber Security Providers
British Police Are Innovating With Data Analytics »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Celestix Networks

Celestix Networks

Celestix is a global provider of secure network solutions that enable the simple deployment of secure remote access connectivity.

Backup Systems

Backup Systems

Backup Systems is a leading backup and disaster recovery systems provider across the UK.

Riskified

Riskified

Riskified is a leading eCommerce fraud-prevention company, trusted by hundreds of global brands – from luxury fashion houses and retail chains, to gift card and ticket marketplaces.

Avatao

Avatao

Avatao is an online training platform for building secure software, offering a rich library of hands-on IT security exercises for software engineers to teach secure programming.

AdaptiveMobile Security

AdaptiveMobile Security

AdaptiveMobile Security, a world leader in mobile network security, protecting more than 2.2 billion subscribers worldwide.

Dual Layer IT Solutions

Dual Layer IT Solutions

Dual Layer offer a full range of IT Services and Solutions for businesses from IT infrastructure design to cloud/hosted solutions, cybersecurity, disaster recovery and IT training.

Touchstone Security

Touchstone Security

Touchstone Security is a company with a passion for technology, a hyper-focus on cybersecurity, and a special affinity for cloud technology.

ACET Solutions

ACET Solutions

ACET Solutions delivers a wide range of Automation, Cyber Security and Enterprise IT/OT Integration Solutions to industrial clients.

DeepSeas

DeepSeas

DeepSeas is the result of a merger between Security On-Demand (SOD) and the commercial Managed Threat Services (MTS) business of Booz Allen Hamilton.

QuoIntelligence

QuoIntelligence

QuoIntelligence experts can help your team understand the evolving cyber threats and provide simple yet comprehensive recommendations so you can focus on what matters.

FortifyIQ

FortifyIQ

FortifyIQ's mission is to advance maximum security against side-channel attacks across the entire computing spectrum.

Execweb

Execweb

Execweb are a cybersecurity executive network, comprised of 400+ security practitioners who work at Fortune 500 and SME companies.

Velum Labs

Velum Labs

Velum Labs is a cyber intelligence company that provides simple and non-intrusive, cloud and cyber intelligence solutions; built from a market-leading understanding of cyber-attack methodology.

Hack-X Security

Hack-X Security

Hack-X Security provide IT risk assessment and Digital Security Services. We are a trusted standard for businesses that must protect their data from cyber-attacks.

Sacumen

Sacumen

Sacumen is a niche player in the cybersecurity market, solving critical problems for security product companies.

Dial A Geek

Dial A Geek

Dial A Geek are a Bristol-based B Corp that provides Managed IT Services to companies of 20+ users. We help businesses with a smart use of tech, including compliance and cybersecurity solutions.