HackerOne has introduced significant advancements in its suite of offensive security solutions. At the forefront of these innovations is the transition of the company's AI system, HackerOne AI, known as Hai, from functioning as a mere copilot to becoming an agentic AI system. Alongside this evolution, HackerOne has also made its AI-native code security product, HackerOne Code, widely available.
Together, these developments establish a new benchmark in continuous exposure management. Enterprises can now accelerate their processes to identify, prioritise, and address vulnerabilities more efficiently.
Hai represents HackerOne’s cohesive team of AI agents trained to rigorously analyse and contextualise findings. This system aids organisations in swiftly prioritising, validating, and addressing risks, leveraging insights from an extensive database of over 500,000 validated vulnerabilities. Users have observed time savings, notably, shaving off up to a full work week every month.
Features include
- Priority Escalation Agent: Rapidly identifies crucial risks.
- Deduplication Agent: Minimises repetition and noise.
- Report Assistant Agent: Guarantees detailed and uniform reporting.
- Insight Agent: Brings historical insights to speed up validations.
Remarkably, users like Connor Knabe, an Application Security Architect, attest to the drastic improvement in validation speed, cutting it from 20 minutes down to just 5.
As part of addressing the challenges associated with identifying and rectifying vulnerabilities before application deployment, HackerOne Code emerges, tailored for the modern AI-driven development environment. This product mimics developer habits while applying the critical insights of a security researcher to accelerate vulnerability detection.
Agentic Pentest as a Service (PtaaS), another promising innovation on the horizon, extends validation into adversarial realms. It delivers empirical proof of exploitability, empowering organisations to channel their remediation efforts with enhanced certainty. This milestone balances AI's precision with indispensable human creativity.
Chief Product Officer, Nidhi Aggarwal, reflects on this pivotal stage for Hai, underscoring the transformative role it plays in offensive security. The introduction of the Agentic PtaaS and the AI-driven HackerOne Code highlights a shift from purely validation processes to genuine proof of exploitability, positioning secure development as integral rather than an afterthought.
With HackerOne Code's trusted code corrections, developers can now refine their workflows and innovate with agility, all while effectively mitigating associated risks.
