Overview
Streamline and enhance your vulnerability management process with HackerOne’s GenAI Copilot, Hai. By integrating AI capabilities directly into our platform, Hai enhances security processes for organizations facing ever-changing cyber threats.
Hai provides deeper insights into vulnerability reports, enhancing understanding and enabling faster remediation. It effortlessly translates natural language into precise queries, enriches vulnerability reports with relevant context, and generates insightful recommendations using platform data.
Hai is a free feature for all customers.
Key Benefits
Strengthen Understanding
Hai decodes complex reports, providing concise summaries and detailed visual analyses, fast-tracking your team's understanding and response capabilities.
Improve Communication
Hai acts as a communication bridge, clarifying technical details and remediation steps, enabling seamless collaboration between security, development teams, and hackers.
Accelerate Remediation
Hai streamlines find-to-fix cycles with targeted insights and personalized advice, optimizing remediation and harnessing unique business knowledge for faster, smarter action.
Streamline your SDLC
Hai elevates your SDLC, offering custom vulnerability scanner templates, API integrations, and dynamic automation for faster, smarter security processes.
AI-Powered Program Insights
Hai captures unique and valuable insights with broad context across all programs in an organization.
How it Works
Hai is embedded in the HackerOne platform and can be used on any accessible report. Hai functions as a copilot to your workflow and aims to improve your efficiency on the platform. Interacting with Hai works like other GenAI tools: once you ask a question or send a prompt, Hai processes your input within our infrastructure and generates a response.
On-Demand Assistance
Navigating and interpreting complex security reports is time-consuming, often delaying critical response actions and team decision-making.
Whether faced with intricate reports, complex proofs of concept, or technical details, Hai provides easily understandable explanations of vulnerabilities.
For example, you can ask Hai for help with:
Report summarization
Remediation advice
Content generation (comments/acknowledgments)
Use the Hai icon on the top menu to toggle Hai's chat interface; alternatively, you can click on any of the platform's use case-specific buttons, which will let you interact directly with Hai on a specific use case (such as summarizing vulnerabilities or generating remediation advice).
[Screenshot: opening the Hai sidebar from the top navigation]
[Screenshot: example of a use case-specific action]
[Screenshot: Hai opened on a vulnerability report]
Tailored Advice
Hai features ready-made prompt suggestions, offering immediate insights and a starting point for further queries. Currently, the suggestions include the following prompts:
Summarize report - Summarize the submitted report with the most relevant information
Suggested titles - Suggest alternative titles for the report
Scope exclusion - Check whether the reported asset is in scope or not
Reapply submission template - Reformat the vulnerability report using your submission template
Generate Nuclei template - Generate a Nuclei template for the vulnerability report
Remediation advice - Get advice on how to fix the vulnerability
Suggested CWE IDs - Suggest the most likely CWE IDs based on the report content
Acknowledge report - Write an acknowledgment to the hacker
Catch up on report - Catch up on the report and the subsequent activities
Click on each prompt for more detailed information or to ask follow-up questions. Start a new conversation from the top to bring up the prompt suggestions.
After each question, Hai analyzes its response and suggests follow-up questions based on the conversation. Suggestions can be found at the bottom of the conversation, and clicking on a suggestion will automatically continue the conversation and generate a response.
Mermaid Diagram Generation
Hai can generate and render Mermaid diagrams—allowing you to visualize complex systems and processes directly in the conversation.
Ask Hai to visualize an attack scenario, PoC flow, or system process—it will generate an inline Mermaid diagram. Diagrams are also automatically included in report summaries when relevant—just run a summary prompt, and Hai will embed the visualization if it adds value.
Learn more about Mermaid diagrams.
Attachment Analysis
When analyzing visuals in reports and proofs of concept, it is easy to miss important details that are essential for accurate vulnerability assessment and remediation planning.
Hai supports images so you can better understand visuals in vulnerability reports and proofs of concept.
Get concise explanations of what's depicted in images.
Ask Hai to pull specific information from visuals, such as HTTP requests or response IDs.
Have Hai convert information from images into usable formats, e.g., cURL commands.
Writing Assistance
Poor communication between security teams, developers, and hackers post-triage makes vulnerability remediation less efficient.
Hai crafts clear and concise messages to hackers, improving communication and collaboration across language barriers. It also enhances collaboration between security and development teams, promoting a more integrated security approach.
Hai Program Insights
Use Hai Insights to inform strategic action against vulnerability trends forming across all your HackerOne programs, complete with graphs and charts. Identify the most prevalent vulnerabilities found across valid reports to pinpoint areas for targeted remediation.
Each analysis includes:
Clear data visualizations
Key insights and patterns identified
Calculation methodology for transparency
Detailed explanations of findings
Suggested follow-up analyses
Hai automatically selects the most appropriate visualization type for your data:
Single metrics for direct comparisons
Bar charts for categorical data
Line charts for trends over time
Pie charts for proportional analysis
You can also ask Hai to change the format if you need something different.
Hai Plays
Hai Plays provides practical solutions to streamline essential tasks. It supports everything from creating clear, concise vulnerability briefs for C-suite executives to assessing the likelihood of uncovering specific vulnerabilities during a pentest, helping teams focus their efforts where it matters most.
Why You'll Love Hai Plays:
Custom Instructions: Customize plays with specific instructions to meet your unique needs and workflow.
Domain Knowledge: Teach Hai your organization's specific domain knowledge to create fully personalized interactions.
Efficiency: Enjoy seamless integration of your tech stack, tone of voice, and critical business details. Hai Plays remember and automatically incorporate this data for each prompt.
Calculate Return on Mitigation
Quickly measure cost savings on high-impact vulnerabilities with the Return on Mitigation (RoM) Calculator automation template. This feature automatically calculates RoM for reports, making it easy to track financial impact by posting results as internal comments or storing them in custom fields for seamless reporting and decision-making.
Learn more here: Calculating Return on Mitigation (RoM) with Hai
Get Technical Support With Hai
Need help troubleshooting an issue, handling reports, or improving security guidelines? Instead of searching through documentation, ask Hai! With instant access to platform knowledge, best practices, and documentation, Hai can help you resolve issues, refine policies, and even generate scripts for API automation—saving you time and effort.
Here’s how you can use Hai:
Troubleshoot issues instantly: Get clear answers about platform features and error resolution without waiting.
Improve report handling and guidelines: Receive best practice recommendations based on industry standards and platform guidelines.
Speed up automation development: Use Hai to generate scripts and streamline API integrations.
Next time you have a question, give Hai a try! You don't need to do anything special to access this knowledge; simply ask Hai your question, and it will automatically pull in the relevant information based on your question.
Hai Search in Findings (Beta)
The beta Findings page offers a unified view of all reports, enabling users to prioritize across engagements using filters, sorting, and customizable views. However, searching across all findings currently requires Lucene query language, which can be challenging for users who are unfamiliar with Lucene or HackerOne’s data structure. As a result, it’s harder to uncover and act on critical insights quickly.
Hai makes searching easier by generating and running these queries so you can quickly find the information you need without technical expertise.
Simplify searching with automatically generated queries.
Save time by removing the need to learn Lucene.
Find the right data faster with more accurate search results.
How to use it:
Visit the findings page and click on the search bar. The Hai Search field will appear below it.
Enter queries in natural language.
After you submit your queries, Hai analyzes them and suggests a search query that you can apply with a single click.
Hai Sending Emails
Hai is now able to generate emails that users can review and send.
We’ve given Hai the ability to compose emails for users. Hai Chat now shows a preview of the email, allowing users to send it out with a single click of the Send button! You can ask Hai to send an email at any point in a Hai conversation.
The email composition is contextually based on the ongoing conversation, making this feature highly flexible and adaptable to a wide range of use cases. Here are a few examples:
After calculating the RoM score, email the report to a coworker.
Generate a recap of all valid reports from the past week, including Hai’s analysis of the business impact, and send this report to the CISO.
Create report insights on a newly filed report, fine-tune the contents, and send the results directly to an engineer on your team.
If you can talk about it with Hai, Hai can send an email about it! As with the email API endpoint, emails can only be sent to users in the same organization.
Our goal is to support our users in their vulnerability-elimination workflows. Often, this involves sharing important findings or insights via email—whether it’s sending an individual report or delivering value-driven reporting on request. Hai email makes it easy to share information with the right people, even if they aren’t directly engaged on the platform.
Currently, this email capability has to be enabled per play. The RoM play is an example of how we’ve already enabled this tool. If the tool is enabled, you can ask Hai something like: "Send a summary of this conversation by email to user@hackerone.com," which will prompt a "compose email" interface.
You can also send emails directly through the API. Learn more on our Automations page.