HackerOne - Experts & Thought Leaders

HackerOne, a pioneer in Continuous Threat Exposure Management (CTEM), now announced two strategic executive appointments to accelerate the company’s next phase of growth and innovation in the rapidly expanding threat exposure management category.  Stephanie Furfaro joins as Chief Revenue Officer and Stacy Leidwinger as Chief Marketing Officer, bringing deep go-to-market expertise to scale HackerOne’s impact across enterprises worldwide. Together, they will strengthen execution across sales, customer success, partnerships, and marketing to help organizations stay ahead of an increasingly autonomous and AI-driven threat landscape. Prior roles of Furfaro  Furfaro will lead all global revenue-generating functions, spanning sales, customer success, and partnerships, to accelerate growth and deliver greater value for customers worldwide. Leidwinger will oversee global marketing functions, including brand, product marketing, growth marketing, channel and field marketing, and sales development, unifying HackerOne’s storytelling and demand engine to support the company’s expanding market presence. Furfaro brings more than 25 years of experience scaling high-growth software companies and transforming global go-to-market strategies. She is known for building enduring customer relationships and high-impact channel partnerships that drive measurable business outcomes. Previously, Furfaro served as Chief Business Officer at Rapid7, where she led teams across sales, customer success, channel partnerships, support, and operations, helping the company achieve significant, sustained growth. Most recently, she served as General Manager at DigitalOcean and has held senior leadership roles at Allaire, Macromedia, and Adobe, where she built global programs that strengthened customer engagement and partner enablement. Prior roles of Leidwinger Leidwinger joins HackerOne with extensive experience leading cybersecurity marketing teams and scaling global software businesses. Most recently, she served as Chief Marketing Officer at Secureworks, where she oversaw all marketing and led the shift from a managed service provider to a software platform company. In addition to her cybersecurity leadership, she brings deep industry expertise in large language models and AI, grounded in her work on IBM’s Big Data team. She brings a strong customer and partner focus, ensuring marketing sharpens value messaging and drives measurable performance across the demand engine. AI-led cyber threats “HackerOne is redefining how organizations stay secure in an increasingly autonomous, AI-driven threat landscape,” said Furfaro. “I’m excited to join a company that pairs deep human expertise with cutting-edge AI to deliver meaningful customer impact. Building on HackerOne’s strong partner ecosystem will be central to expanding our reach and empowering more organizations to proactively manage their risk.” “HackerOne is entering a new stage of growth as AI-led cyber threats reshape the landscape,” said Leidwinger. “Security pioneers need to secure faster, prove risk reduction, and adapt to an increasingly autonomous threat environment. I’m energized to elevate HackerOne’s customer and partner value message and show why Continuous Threat Exposure Management (CTEM), paired with the unique combination of AI and human adversarial expertise, drives stronger results than anything else on the market today.” Threat landscape and modern defense “Stephanie and Stacy join HackerOne at a pivotal moment for our company and the cybersecurity industry,” said Kara Sprague, CEO of HackerOne. “As AI reshapes the threat landscape and modern defense, Stephanie’s experience scaling global revenue organizations and Stacy’s leadership in brand and growth marketing will strengthen every part of our go-to-market engine. Together, they will accelerate growth by delivering our full Continuous Threat Exposure Management (CTEM) value proposition to more enterprise customers.” HackerOne’s in-platform suite of AI agents These new appointments follow a year of strong growth and product innovation for HackerOne. In October, HackerOne announced the evolution of Hai, its AI platform, from copilot into an agentic AI system, along with the general availability of HackerOne Code, its AI-native code security product. With 90% of customers now leveraging Hai, HackerOne’s in-platform suite of AI agents, to accelerate vulnerability discovery and response, HackerOne is helping organizations stay ahead of threats. HackerOne bug bounty programs collectively paid out $81 million, a 13% increase from last year, underscoring the unmatched impact of its global researcher community. The company also launched its Technology Alliance Program to unite leading technology providers with its AI-powered platform.

HackerOne, a pioneer in offensive security solutions, announces the evolution of HackerOne AI, Hai, from a copilot into an agentic AI system, and the general availability of its AI-native code security product, HackerOne Code. Together, they set a new standard in continuous exposure management by accelerating how enterprises find, prioritise, and remediate vulnerabilities. Hai is HackerOne’s coordinated team of AI agents that continuously analyses and contextualises findings to help organizations prioritise, validate, and remediate risks faster, guided by insights from over 500,000 validated vulnerabilities. 70% of users cite time savings as the biggest impact, with users saving up to 40+ hours every month, a full work week. Remediating risks faster Hai’s current agents are reshaping workflows: Priority Escalation Agent uncovers critical risks without delay Deduplication Agent eliminates duplicates and reduces noise Report Assistant Agent ensures complete, consistent reports Insight Agent surfaces historical context to accelerate validation “Hai cut our validation time from 20 minutes to just 5," said Connor Knabe, Application Security Architect, Veterans United Home Loans. "By replacing manual steps with clear context, we validate faster, clarify impact, and stay aligned.” Code security solution To solve the challenge of discovering and eliminating vulnerabilities before applications are deployed, HackerOne Code is now generally available. Built for the AI development era, HackerOne Code is a code security solution that works like a developer and thinks like a security researcher—scaling vulnerability discovery with AI and human oversight. HackerOne is also previewing the next milestone in its agentic roadmap: Agentic Pentest as a Service (PtaaS). Taking validation a step further, Agentic PtaaS continuously proves exploitability at AI-driven scale while keeping human ingenuity at the core. This breakthrough extends exposure management into adversarial validation, delivering real proof of exploitation so organizations can prioritise and remediate with greater confidence. AI-powered offensive security “Hai has been central to our vision for AI-powered offensive security, and today marks the next stage in its evolution,” said Nidhi Aggarwal, Chief Product Officer at HackerOne. “Powered by the insights drawn from over a decade of offensive security expertise, Hai’s new agents and the introduction of Agentic PtaaS extends its capabilities from validation to proof of exploitability, helping organizations continuously reduce exposure and accelerate remediation at scale. In the AI era, secure development must be built in, not bolted on. HackerOne Code empowers developers with validated, trusted code fixes directly within their workflows, enabling them to innovate faster without increasing risk.”

HackerOne, a pioneering provider of offensive security solutions, announces the availability of its security agent Hai in the new AI Agents and Tools category of AWS Marketplace. Customers can now use AWS Marketplace to easily discover, buy, and deploy AI agent solutions, including HackerOne’s AI security agent Hai, using their AWS accounts, accelerating AI agent and agentic workflow development. Resolution across SDLC Hai helps security teams reduce validation time by up to 75%, improve consistency in severity scoring Hai helps security teams reduce validation time by up to 75%, improve consistency in severity scoring, and streamline communication between security, engineering, and development teams. This results in faster, more aligned vulnerability resolution across the software development lifecycle (SDLC). Access to agentic AI solutions "By offering Hai in AWS Marketplace, we're providing customers with a streamlined path to discover and adopt our security agent, enabling faster, more efficient access to agentic AI solutions," said Nidhi Aggarwal, Chief Product Officer at HackerOne. "Our customers in a broad range of industries are already using these capabilities to accelerate remediation, improve decision-making, and strengthen their overall security posture." Intelligent report analysis Hai delivers essential capabilities including intelligent report analysis, program-wide trend detection, and integrated workflow automation. These features enable customers to make smarter decisions, act faster, and strengthen their security posture while cutting coordination time with security and development teams by 20–30%.  Availability of AI Agents and Tools With the availability of AI Agents and Tools in AWS Marketplace, customers can significantly accelerate By surfacing relevant insights, such as report summaries, similar past submissions, and suggested severity, Hai reduces back-and-forth and accelerates action. With the availability of AI Agents and Tools in AWS Marketplace, customers can significantly accelerate their procurement process to drive AI innovation, reducing the time needed for vendor evaluations and complex negotiations. HackerOne's strict security and access controls With centralized purchasing using AWS accounts, customers maintain visibility and control over licensing, payments, and access through AWS. Available as a native capability within the HackerOne Platform, Hai uses pre-trained large language models through AWS Bedrock while operating within HackerOne's strict security and access controls. This enables customers to access AI-driven insights securely without compromising their data, systems, or privacy.