Bi-Directional Jira Integration Enhancements
Customers can now seamlessly access and manage HackerOne vulnerability data directly from their Jira instance, eliminating the need to switch between platforms for enhanced workflow efficiency.
What We Did:
In response to customer demand, we enhanced the bi-directional Jira integration with several key features, making vulnerability management more streamlined and automated.
Embedded Attachments: Full support for all file formats within Jira for greater flexibility in handling vulnerability-related documents.
CWE Reference Mapping: Automatic mapping of Common Weakness Enumeration (CWE) references to Jira issues for quicker identification and classification of vulnerabilities.
User/Group Details: Easy access to detailed information about the user or group assigned to a vulnerability, improving accountability and tracking.
Due Date Mapping: Automatically set due dates based on vulnerability severity, ensuring timely remediation efforts.
Enhanced CVSS Mapping: CVSS scores are now mapped to a dedicated field in Jira for better visibility and tracking of vulnerability risk.
Bounty Award Details: Bounty award information is now included in Jira comments, providing enhanced visibility into rewards associated with vulnerabilities.
Why We Did It:
These enhancements reduce manual effort and administrative overhead, enabling customers to manage vulnerabilities more efficiently within their existing workflows, ultimately improving their overall experience.
Hai Paraphraser (Beta)
We have upgraded one of our most popular Hai features, Paraphraser, making it even more valuable for our users. The report paraphraser assists users in composing responses to reports. We provide options such as grammar-checking and the ability to refine the tone of the reply (for instance: make it sound professional).
What we did:
We’ve made the Paraphraser feature even better by fully integrating it into Hai Chat! Originally, it was a simple popup in the inbox that gave you five rewrite options for report responses. Now, it’s a seamless part of the Hai experience, letting you collaborate with Hai to craft consistent, polished replies in no time. It’s easy, intuitive, and feels like second nature.
Why we did it:
Users love the Paraphraser feature! They indicated that they want more options and the ability to fine-tune the report reply, making it more personalized and actionable.
Who it helps:
Customers who frequently chat with hackers, primarily security analysts.
How to use it:
Once you have enabled this feature, you'll find a button on the report that will prompt Hai.
Improved Analytics API Documentation
We've released quality-of-life improvements for the Analytics endpoint of our REST API.
What we did:
Cleaned up duplicate entries for Analytics endpoint key parameters to avoid confusion.
Added Analytics section to Use Cases with explanation of usage and how to get typical data questions around your org/program answered via REST API.
Why we did it:
The existing documentation for Analytics API does not have any concrete examples with a use case, request, and response.
Who it helps:
Any user who wants to integrate with our REST API to consume the data that feeds our Analytics Dashboards.
New Pentest Type: Azure Security Configuration Review
Our newest pentest type is a premium tier engagement designed to evaluate an organization's Azure security configuration. It focuses on critical Azure services and configurations, ensuring they align with industry best practices and comply with standards like the CIS Microsoft Azure Foundations Benchmark and the security pillar of the Azure Well-Architected Framework. We have a talented pool of pentesters ready to assist in this new service!
What we did
Enhanced Cloud Security Posture: The review comprehensively assesses a customer's Azure security configuration, focusing on critical services and configurations to ensure alignment with industry best practices.
Reduced Risk of Security Breaches: By identifying and helping remediate security vulnerabilities, the review helps customers reduce the likelihood of security incidents and data breaches, protecting their valuable data and reputation.
Independent, Third-Party Evaluation: The review offers an objective and unbiased assessment of the customer's Azure security configuration, providing valuable insights and recommendations for improvement.
How to Get Started:
Existing Customers with Premium Pentest Hours:
Log in to the platform: Customers can access the pentest scoping questionnaire directly within the platform.
Select the Azure Security Configuration Review as the asset type for their new pentest.
The platform will guide them through defining the scope and initiating the review.
Prospects:
Contact Sales: Prospects can initiate the process by contacting our sales team.
The sales team will then provide them with the scoping questionnaire.
Once the prospect completes the questionnaire, the sales team will work with them to provide a quote.
Nav 3.0 🎉
We are excited to announce Nav 3.0! With Nav 3.0, it is now easier to access Hai and your engagement settings. The changes also bring cleaner and more scalable navigation with less page clutter.
What we did:
Moved Hai, profile, notifications, and help to the top-right and moved the organization dropdown to the top-left
Introduced an engagement dropdown for easy context switching between programs
Why we did it:
Fewer clicks for customers to use our products and features
Empowers users to manage the platform with less need for CSM support
Easy to expand our products and features without cluttering the nav
Who it helps:
Our users - features are now more discoverable, and time is saved with fewer clicks and page loads
Check it out in the platform now, or get an overview in our Navigation doc!
Hai Program Insights 
We're excited to announce the general availability of Hai Program Insights - a powerful new way to explore your program analytics and benchmarking directly through Hai.
What we did:
Developed a powerful new analytics capability in Hai that provides comprehensive insights across all vulnerability management programs, leveraging our HAQL backend for consistent results
Delivering more than just visualizations - Hai provides contextual insights and meaningful explanations of your data
Fully integrated into the conversational Hai experience, enabling natural discussions about your program data and analytics
Why we did it:
Security teams needed better visibility into vulnerability trends across their programs without having to hunt down and analyze the data themselves
Leaders who access HackerOne infrequently can now ask Hai for the data they need without having to learn where to find it
Manual data analysis was time-consuming and often missed valuable patterns - now generating custom queries is just a single question away
Who it helps:
Security teams managing vulnerability programs
Program managers tracking performance metrics
Leadership teams to show value from their investment
How to use it
Open Hai by clicking on the menu at the top left and selecting "Analytics" from the Hai Plays options. Alternatively, customers can navigate to their analytics dashboards and click on the "explore with Hai" button. Then, start asking questions about your program's performance and trends! Learn more in our document.