New in Hai: Mermaid Diagram Generation
Hai can now generate and render Mermaid diagrams—allowing you to visualize complex systems and processes directly in the conversation.
What we did:
We’ve launched a powerful new capability: Mermaid diagram generation in Hai. This lets Hai create easy-to-understand diagrams to break down complex concepts.
Whether it’s a vulnerability reproduction flow or a multi-step attack scenario, Hai can now render it as a Mermaid diagram—no external tooling required.
Why we did it:
Customers have repeatedly told us that reproducing PoCs and understanding attack scenarios is time-consuming and often hard to communicate.
With this feature, Hai helps by providing clear visual context, making it faster to understand the flow of an exploit or the sequence of events—even when you didn’t think to ask for it.
Who it helps:
Security analysts who need to quickly grasp and explain complex attack paths, reproduction steps, or system behavior—without digging through walls of text.
How to use it:
Ask Hai to visualize an attack scenario, PoC flow, or system process—it will generate an inline Mermaid diagram. Diagrams are also automatically included in report summaries when relevant—just run a summary prompt, and Hai will embed the visualization if it adds value.
Learn more about Mermaid diagrams.
Support for CVSS 4.0 🎉
We're happy to be the first platform in the crowdsourced security space to support CVSS 4.0!
CVSS 4.0 is now available as a supported severity calculation method. CVSS 4.0 delivers more accurate risk assessments, deeper insights into exploitability, and new impact considerations to support vulnerability prioritization. With CVSS 4.0, we've delivered on one of our top feature requests.
What we did:
We've added support for CVSS 4.0 in our platform for those who want to leverage the new scoring mechanism. The new version was added alongside the existing versions (3.0 and 3.1, which we already supported). Upgrading to CVSS 4.0 is fully optional as it may require customers to upgrade their internal systems or processes as well.
Why we did it:
Prioritize more effectively – CVSS 4.0 offers a clearer scoring process with well-defined metrics, reducing guesswork and making it easier to assess vulnerabilities.
Adapt scoring to your needs – More detailed metrics and a modular approach let you customize risk assessments based on your unique environment.
Get a more accurate risk picture – Integrated threat intelligence and environmental factors provide a scoring system that better reflects real-world risk.
Who it helps:
This feature is available to all customers. Switching your severity calculation method won’t impact your past reports.
Additional Audit Logs for Customers
We've expanded our audit logging capabilities to give customers more visibility into hacker program membership changes, including when hackers join, leave, or are banned/unbanned from their programs.
What we did:
Added new audit log entries for hacker program membership events
Added audit logging for when hackers join or leave a program
Added audit logging for when hackers are banned or unbanned
The change is not retrospective, so only future events will appear.
Why we did it:
To provide customers with better visibility and accountability over their program membership changes. This enhancement was specifically requested to help track and review banned hacker history and will benefit all customers who need to review detailed records of program membership changes.
Who it helps:
Security teams and program managers who oversee bug bounty programs, especially private programs
Customers who need to know when hackers joined, left, or were banned from their program
How to use it:
Navigate to the program settings page
Access the audit log feature
Use the event filter to view specific types of membership changes:
teams.allowlisted.hacker.add
teams.allowlisted.hacker.removed
teams.allowlisted.hacker.removed.quit
teams.blocklisted.hacker.block
teams.blocklisted.hacker.unblock
Learn more in our Audit Logs doc!
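Added example (not HackerOne code): replaying the five membership event types listed above to rebuild each hacker's ban history, which is the review task this change was requested for. The JSON-lines layout and the field names "at", "event" and "hacker" are hypothetical, the sample records are constructed, and an unblock with no recorded block is kept as an open-start interval because the logging is not retrospective.

```python
import json
from collections import defaultdict

# Event names come from the filter list above; record fields are hypothetical.
ADD = "teams.allowlisted.hacker.add"
LEFT = {"teams.allowlisted.hacker.removed", "teams.allowlisted.hacker.removed.quit"}
BLOCK = "teams.blocklisted.hacker.block"
UNBLOCK = "teams.blocklisted.hacker.unblock"

# Constructed sample export (JSON lines), not real audit data.
SAMPLE_EXPORT = """
{"at": "2025-03-01T09:00:00Z", "event": "teams.allowlisted.hacker.add", "hacker": "alice"}
{"at": "2025-03-02T10:00:00Z", "event": "teams.allowlisted.hacker.add", "hacker": "bob"}
{"at": "2025-03-04T12:00:00Z", "event": "teams.blocklisted.hacker.unblock", "hacker": "carol"}
{"at": "2025-03-05T08:30:00Z", "event": "teams.blocklisted.hacker.block", "hacker": "alice"}
{"at": "2025-03-06T11:00:00Z", "event": "example.unrelated.event", "hacker": "dave"}
{"at": "2025-03-08T15:00:00Z", "event": "teams.allowlisted.hacker.removed.quit", "hacker": "bob"}
{"at": "2025-03-10T09:15:00Z", "event": "teams.blocklisted.hacker.unblock", "hacker": "alice"}
{"at": "2025-03-20T17:45:00Z", "event": "teams.blocklisted.hacker.block", "hacker": "alice"}
"""

def membership_history(export_text):
    """Replay membership events in time order and return per-hacker state."""
    records = [json.loads(line) for line in export_text.splitlines() if line.strip()]
    state = defaultdict(lambda: {"member": False, "blocked": False, "bans": []})
    for rec in sorted(records, key=lambda r: r["at"]):
        event = rec["event"]
        if event != ADD and event not in LEFT and event not in (BLOCK, UNBLOCK):
            continue  # other audit log entries are out of scope here
        entry = state[rec["hacker"]]
        if event == ADD:
            entry["member"] = True
        elif event in LEFT:
            entry["member"] = False
        elif event == BLOCK:
            entry["blocked"] = True
            entry["bans"].append([rec["at"], None])  # open ban interval
        else:  # UNBLOCK
            entry["blocked"] = False
            if entry["bans"] and entry["bans"][-1][1] is None:
                entry["bans"][-1][1] = rec["at"]  # close the open interval
            else:
                # Logging is not retrospective: the matching block was never recorded.
                entry["bans"].append([None, rec["at"]])
    return dict(state)

def needs_review(history):
    """Hackers who are currently blocked or have been banned more than once."""
    return sorted(h for h, s in history.items() if s["blocked"] or len(s["bans"]) > 1)

if __name__ == "__main__":
    print(needs_review(membership_history(SAMPLE_EXPORT)))
```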
Return on Mitigation (RoM) Calculations via Hai
Granular Triage Charts
Two new charts now offer a more detailed view of team triage times. One tracks the time from submission to pending program review, while the other covers the time from pending program review to triaged.
Time to Pending Program Review
Time from Pending Program Review to Triage
What we did:
These two charts were previously only available to select customers, but we have now extended access to all customers.
Why we did it:
We've heard your requests for charts like these! As part of our effort to identify and deliver quick wins from the feature request backlog, we prioritized and implemented this update.
Who it helps:
Customers who utilize HackerOne for Triage, which is the majority of the HackerOne customer base. For those who do not utilize HackerOne Triage, the charts will be hidden.
How to use it:
Go to Analytics -> Response Efficiency and view ‘Time to pending program review’ or ‘Time from pending program review to triage’.
Learn more on our Response Efficiency Dashboard page.