SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
HackerOne launches AI co-pilot Hai to improve vulnerability response times
Thu, 29th Feb 2024

Global security company, HackerOne, has announced the beta version launch of its new artificial intelligence (AI) GenAI co-pilot, known as Hai. This new undertaking aims to reduce the time organisations spend understanding and responding to vulnerability reports, paving the way for a more efficient process of vulnerability rectification.

Hai is geared to bridge the gap in technical expertise by translating intricate or technical reports into easily understandable explanations for customers. In addition, it has the capacity to build customisable templates that enrich Nuclei scanner consistency, offering personalised advice for rectifying any vulnerability.

The optimisation of Hai in HackerOne's procedures is expected to greatly bolster workflows by helping to establish industry-leading response times. Specific benefits offered by Hai for customers contain the synthesis of complex vulnerability data, generation of comprehensive Nuclei templates effortlessly, availing customised rectification advice, and even enhancing hacker communication.

Head of Cyber Controls at Six Group, Alexander Hagenah, stated that "Hai has significantly reduced the time my team spends sifting through bug reports or creating responses, allowing us to focus more on resolving and communicating vulnerabilities quickly."

Confirming the benefits of Hai, the Vice President of Cybersecurity at a Fortune 500 Real Estate Services and Investment Firm said, "Utilising Hai for translating complex vulnerability findings into remediation advice has been a game changer for us. It bridges the gap between our technical reports and our internal audience, enhancing the value of our HackerOne program by making actionable insights accessible to everyone."

Parallel to the launch of Hai, HackerOne has broadened its AI Red Teaming service. HackerOne's community of selected hackers will now assist customers in developing their tools and features in a safe and secure manner through thorough stress-testing of their deployments. HackerOne's AI red teaming utilises human creativity to enhance and fortify this emerging technology, and by combining this human creativity with the efficiency of GenAI, it strives to help businesses unlock the complete potential of AI.

Recently, HackerOne assisted Snap Inc. with testing its new AI-powered features, ensuring suitable monitors were in place to oversee not just expected user behaviour issues, but also behavioural attributes of the models themselves. This level of scrutiny better protects against rare instances of unsuitable content arising out of flaws.

Discussing this collaborative experience, Technical Lead of AI Safety at Snap Inc., lana Arbisser said, "We knew we wanted to do adversarial testing on the product, and a security expert on our team suggested a bug bounty-style program. From there, we devised the idea to use a 'Capture the Flag' style exercise."

Speaking on the introduction of these new AI features, Co-Founder and Senior Director of Product Development at HackerOne, Michiel Prins said, "HackerOne’s latest AI innovations are only scratching the surface of what's possible with this technology. AI solutions and deployments can't be successful without human input."