Skip to main content
All CollectionsChangelog
December 2023 Changelog
December 2023 Changelog

A full collection of changes released during the month of December

Updated over 10 months ago

Organizations

CVSS 3.1 has Arrived

CVSS 3.1 is now available to all customers! CVSS 3.1 will enable customers, hackers, and triagers to use a more recent version of CVSS that more closely aligns with the official standard. This will remove confusion, frustration, and friction between the hacker and customer. The changes to the inbox and report submission page will create more transparency and improve the hacker experience. Additionally, the platform is now better equipped to support other severity calculation methods.

‘AI Model’ Asset Type and LLM Weaknesses

We are happy to announce improved support for AI to our platform with the new ‘AI Model’ asset type and LLM Weaknesses, available from December 11th.

  • Create and track assets with the ‘AI Model’ asset type

  • Use weaknesses from the OWASP Top 10 for LLM

    • Example: when submitting a vulnerability report

  • Enables HackerOne to identify and source hackers with AI skills

Hackers

Quality of Life Improvements

  • Canceled bounties will now prompt an email to the hacker with the reason for retraction.

    • Primarily an issue during Live Hacking Events.

  • The search function on the My Programs page was updated to use ElasticSearch like the Opportunities page, improving the speed and quality of results.

‘AI Model’ Asset Type and LLM Weaknesses

We are happy to announce improved support for AI to our platform with the new ‘AI Model’ asset type and LLM Weaknesses, available from December 11th.

  • Use weaknesses from the OWASP Top 10 for LLM

    • Example: when submitting a vulnerability report

  • Enables HackerOne to identify and source hackers with AI skills

Did this answer your question?