Organizations
CVSS 3.1 has Arrived
CVSS 3.1 is now available to all customers! CVSS 3.1 will enable customers, hackers, and triagers to use a more recent version of CVSS that more closely aligns with the official standard. This will remove confusion, frustration, and friction between the hacker and customer. The changes to the inbox and report submission page will create more transparency and improve the hacker experience. Additionally, the platform is now better equipped to support other severity calculation methods.
‘AI Model’ Asset Type and LLM Weaknesses
We are happy to announce improved support for AI to our platform with the new ‘AI Model’ asset type and LLM Weaknesses, available from December 11th.
Create and track assets with the ‘AI Model’ asset type
Use weaknesses from the OWASP Top 10 for LLM
Example: when submitting a vulnerability report
Enables HackerOne to identify and source hackers with AI skills
Hackers
Quality of Life Improvements
Canceled bounties will now prompt an email to the hacker with the reason for retraction.
Primarily an issue during Live Hacking Events.
The search function on the My Programs page was updated to use ElasticSearch like the Opportunities page, improving the speed and quality of results.
‘AI Model’ Asset Type and LLM Weaknesses
We are happy to announce improved support for AI to our platform with the new ‘AI Model’ asset type and LLM Weaknesses, available from December 11th.
Use weaknesses from the OWASP Top 10 for LLM
Example: when submitting a vulnerability report
Enables HackerOne to identify and source hackers with AI skills