HackerOne | JFrog | Push Security | Tines
Q1. HackerOne's "Hacker-Powered Security Report 2025" mentions the rise of the "bionic hacker". Explain to us what exactly that means? What are the implications of the trend for enterprise defenders?
The “bionic hacker” reflects a new reality we’re seeing across the HackerOne Platform: security researchers are now pairing their own creativity with AI tools to work faster, deeper, and at greater scale than ever before. According to our recent findings, AI-assisted vulnerability reports have surged by 210%, driven largely by researchers using AI to automate repetitive tasks, analyze massive codebases, and uncover issues that might otherwise stay hidden.
For enterprise defenders, this trend has two big implications:
Attackers are scaling—so defenders must too.
As researchers become more “bionic,” so do adversaries. AI makes it easier to probe systems continuously, which means traditional, periodic testing doesn’t keep pace with how fast your attack surface is evolving.
Human insight remains the differentiator.
AI alone can’t surface the novel, business-critical vulnerabilities that matter most. The real advantage comes from combining human intuition with AI acceleration—the same blend fueling the bionic researcher. Organizations that tap into this human-plus-AI capability gain broader coverage, faster discovery, and richer context around AI vulnerabilities that automated scanners routinely miss.
This rise in bionic talent reinforces what we’ve believed for years: continuous security testing powered by diverse human expertise is essential to eliminating vulnerabilities across the software development life cycle. AI brings scale, humans bring ingenuity, and together they help you stay ahead of emerging risks.
Q2. How do you see the use of AI for vulnerability analysis and prioritization changing the dynamics of vulnerability management? What kind of safeguards or human oversight do you think are essential to ensure AI-driven triage remains accurate and trustworthy?
AI is transforming vulnerability management by taking on the repetitive, time-intensive work, including summarizing reports, classifying issues, and surfacing the highest-risk findings, so human experts can focus on the complex analysis that truly requires judgment. With capabilities like Hai Triage, organizations can move faster and reduce noise without sacrificing the accuracy or context that only skilled security practitioners can provide.
But speed alone isn’t enough. To keep AI-driven triage trustworthy, human oversight remains essential. AI should recommend, not decide; its reasoning must be transparent and auditable; and models need to be continuously refined using real, validated vulnerability data. When you combine AI’s speed with human insight, you get faster, more consistent prioritization and, ultimately, stronger vulnerability management grounded in trust.
Q3. What can attendees at Black Hat Europe 2025 expect from HackerOne? How do you plan on engaging with researchers and the broader security community at the event?
Attendees can expect HackerOne to bring a deeply educational and community-driven presence to Black Hat Europe this year. At our booth (609), we’re helping security leaders understand how continuous threat exposure management works in practice, and why the combination of human creativity and AI acceleration is the best way to keep pace with today’s expanding attack surface. Our team will be available throughout the event to walk through real use cases, platform capabilities, and the latest insights from our research community.
We’re also sharing new thinking on where the industry is heading. I’ll be presenting “The Rise of the Bionic Hacker: AI, Autonomy, and the Future of Offensive Security” on Wednesday, Dec 10, from 2:15–2:40 pm in Business Hall Theater A. It’s a look at how AI is reshaping both offensive testing and defensive strategy, and what security leaders need to prepare for next.
And because Black Hat is as much about community as it is about content, we’re bringing something a little fun too. Attendees can stop by our booth to build a custom LEGO minifig and learn more about the HackerOne Platform.
Q1. JFrog’s research suggests many “critical” CVEs are incorrectly scored, leading to wasted effort and developer burnout. How should organizations rethink vulnerability prioritization so that security teams focus on real-world, exploitable risk rather than vulnerability volume?
Organizations must shift from a CVSS-only model, which often inflates severity and causes "vulnerability fatigue," to a contextual analysis approach where each vulnerability is assessed within the context of applicable dependencies and package usage. Our research found that only 12% of high-profile "critical" CVEs truly justify that score based on exploitability. Prioritization must be rooted in real-world exploitability and applicability within the running code.
While a contextual-based approach is the most accurate, there are also alternatives to NVD’s CVSS even when context is not available, for example, we found the following sources to provide a more accurate severity score - CVSS score assigned by the CNA, Project-specific severity scores (e.g. Apache, Curl), Distro-specific severity scores (ex. Red Hat, Debian)
Q2. How are attackers targeting AI-native build environments? How should security teams evolve to defend these pipelines?
Attackers are targeting the proliferation of ML models as a preferred attack vector, indicated by a 6.5x increase in malicious models in Hugging Face as opposed to just a 2x increase in total models in that time period (March 2024 - March 2025). In addition, attackers are using prompt injection attacks to trick AI agents into code execution and sensitive data leakage, as was seen in the prolific GitLab Duo Remote Prompt Injection attack a few months ago.
To secure the AI supply chain, security teams must evolve by treating AI/ML models as first-class software artifacts, similarly to open-source code packages, which are extremely well known to be able to lead to malicious code execution when installed. In addition, this requires applying DevSecOps practices to AI agents, such as sandboxing the code that they execute (even using multiple sandboxing layers) and monitoring their output for sensitive data leaks, for example, with an automated secret detector.
Q3. What key messages is JFrog focusing on at Black Hat Europe 2025? What do you hope attendees will take away from your participation at the event?
Our core message is the imperative of trusted, end-to-end software supply chain security in the AI era. We are focusing on two critical themes: defending against the "Quad-fecta" of modern security issues (CVEs, malicious packages, zero-days and leaked secrets) and establishing secure, governed AI/ML delivery. We hope people take away that security must focus on visibility, context and be applied consistently to all software components, including new AI/ML assets and workflows.
Q1. Push recently reported a surge in LinkedIn-based phishing campaigns that use trusted services like Google and Microsoft to mask malicious redirects. How do you see the evolution of phishing beyond email? What role can browser-based detection play in defending against these attacks?
Over the last few years, we’ve seen phishing shift from email and move to other applications where they can be easily reached by external attackers, like LinkedIn, Google Search, Slack, Facebook, and various other websites. For example, just last month we saw that 34% of phishing attempts happened on platforms outside of email.
That’s not to say that email is no longer an entry point – it certainly is, and it still needs to be defended – but attackers have realized that many of these other applications are much easier targets. You’re way more likely to engage with a LinkedIn DM than a spam email, for example, with far fewer security controls to work around.
Avoiding email enables attackers to bypass most organizations’ traditional security stack. And with attackers using a range of other tricks — like using legitimate services (even Microsoft and Google) to host sites and perform redirects, these sites blend in with real, legitimate ones.
Similarly, attackers are leveraging malvertising as a method to inject their phishing links across an organization’s ad network, making them appear in Google Search, Facebook, LinkedIn, Reddit, and third-party web banners.
This shift is why browser-based detection has become so important. The browser is the real battleground today. It’s where people access and use the apps that are now the core of business IT. If you can’t see what’s happening at that moment—inside the browser—you’re missing the most important context in modern security.
By instrumenting the browser itself, you get visibility into user intent, authentication, and browser and webpage context that simply don’t show up in email gateways or network filters or isn’t covered by endpoint-focused security tools that can’t see inside the browser sandbox. That visibility lets you intercept browser-based attacks in real time, like session-stealing phishing kits, Clickfix, malware delivery, malicious browser extensions and OAuth integrations, and more. It’s essential protection for security teams looking to defend against modern threats.
Q2. How do you anticipate AI will change the nature of identity attacks? What steps should organizations take now to prepare for AI-driven threats before they become mainstream?
We’ve already seen AI accelerate attacker capabilities in a few areas. It’s made it easier for attackers to harvest information about their targets, craft bespoke and well-written phishing lures and generally raise the bar for social engineering. We’re seeing plenty of campaigns that have almost certainly used AI to create and deliver phishing messages over various platforms.
The rise of agentic AI capabilities with AI-integrated and autonomous web browsing also presents another challenge. There’s the potential for attackers targeting AI agents running in your browser through hidden prompts that are invisible to a human, but readable by an AI agent, instructing the AI to perform malicious actions using the deep access it has to your apps and identities. That said, the use of autonomous browsers for enterprise business use is probably quite far off at this stage, given the security concerns.
With the rise of phishing links being delivered over search engines with malvertising and SEO poisoning, we’re also seeing many examples of vibe-coded, SEO-optimized websites that attackers are using as part of their phishing chains, or to host malicious ClickFix content. Attackers are basically spinning up realistic looking sites that get indexed by Google, rank well for their chosen search terms, and can intercept users as they browse the web.
What we know for certain is that AI will make it easier, faster, and cheaper to conduct the attacks that are already bringing attackers so much success. We released research earlier this year about attackers using AI capabilities to, for example, log into business apps using stolen credentials, passing CAPTCHA checks and setting up backdoor access like API keys and secondary login methods for attackers to exploit later. This would significantly scale up account takeover using stolen credentials, which when we consider that there are billions of stolen credentials sitting around on the internet, across many thousands of SaaS apps, there’s plenty of room for abuse there.
This is why it is vital that organizations find ways to proactively harden their identity attack surface and detect and block attacks in real time.
Q3. What are Push's plans at Black Hat Europe 2025. How do you plan on using the event to engage with customers, researchers and other stakeholders?
For Black Hat we’re leaning into what we think the industry truly needs: real visibility into how attacks are evolving inside the browser, and practical guidance on how to get ahead of the threat curve. We’ll be sharing fresh research on the techniques we’re seeing in the wild – particularly around malvertising, sophisticated phishing campaigns, and the browser-hosted attacks that traditional tools consistently miss. We want attendees to walk away with a much clearer sense of where the threat landscape is headed over the next 12–18 months.
We’re also bringing a heavier focus on interactive demos. Rather than talking about how session hijacking can occur - even with strong MFA in place - or outlining the mechanics behind the highly effective ClickFix attacks, we’ll be walking through them live, step by step, and demonstrating how real-time browser-level detection changes the outcome. Those demos tend to spark some of the most valuable conversations with practitioners, so we’re making them a core part of our presence this year.
Our other big goal is engagement. Black Hat brings together a uniquely diverse mix of people – researchers, red teamers, CISOs, security engineers – and each group sees different pieces of the puzzle. We’ll be having those discussions in our booth and holding 1:1 sessions with customers. And we will spend a lot of time listening. Our roadmap is heavily shaped by what our customers are experiencing on the ground and what our researchers are seeing in the wild. Black Hat gives us a chance to collect those insights directly.
Q1. What are the biggest tradeoffs organizations face when automating identity operations, especially in highly complex environments? How can organizations balance speed and efficiency with security and compliance when implementing automated identity workflows?
The biggest tradeoff in identity automation is balancing speed with control. Highly complex environments create edge cases where rigid rules can break and fully autonomous actions may overshoot risk tolerance. The solution is a hybrid workflow model: use deterministic automation for predictable, high-volume identity tasks, and embed human-in-the-loop steps where judgment, context, or exception handling is required. Strong governance, monitoring, and auditability ensure workflows move fast and remain compliant, predictable, and safe. This is where the Tines’ platform shines.
Q2. As organizations deploy agentic workflows to autonomously triage and contain incidents, how should they be deciding where to place the ‘human-in-the-loop’ boundary? What should they be putting in place to ensure autonomous actions remain predictable, auditable, and aligned with risk tolerance?
Organizations should decide where to place humans in the loop by evaluating a few core factors: how predictable the task is, the organization’s tolerance for risk or error, how much judgment or contextual understanding is required, and the scale and speed at which the work needs to run. Agentic workflows are well suited to high-volume, time-sensitive, and repeatable tasks like enrichment, correlation, and initial triage. Humans should be brought in when actions materially change access, touch sensitive systems, or involve low risk tolerance, ambiguous signals, or high-stakes decisions that require judgment. To keep autonomy predictable and aligned with risk tolerance, teams need clear guardrails in place, including explicitly defined policies, approval checkpoints, versioning, and comprehensive audit trails. Intelligent workflows that combine deterministic steps, agentic reasoning, and human oversight provide these control points, ensuring autonomous actions remain explainable, reversible where possible, and safely governed at scale.
Q3. What technology or capability does Tines plan on highlighting at Black Hat Europe 2025? What emerging challenges or trends make it especially relevant in 2025?
will showcase how intelligent workflows combine deterministic automation, human oversight, and agentic AI to securely operationalize autonomous actions across security and IT operations. This matters in 2025 because teams are drowning in alert volume, tool fragmentation, and AI “slop” created by immature or ungoverned automation efforts. Organizations need reliability, explainability, and control. Not just more AI. Tines provides a unified, governed workflow layer purpose-built for mission-critical operations. This approach is resonating globally as customers connect dozens of systems, run billions of actions weekly, and safely scale automation across the enterprise.
