johnk
2019-11-14 09:55:55
www.hackerone.com
As our customers’ security teams grow, it’s important for us to sustain their growth with new features. Today we’re announcing the Program Audit Log. It enables customers to audit important actions that were taken in their program, such as permission updates, new members, bounty rewards, and program settings.
Programs can use the audit log to:
• Investigate program changes during an incident, such as a rogue employee
• Monitor when sensitive permissions are added, and by whom
• Proactively set up alerts for suspicious actions, such as an employee moving back and forth between two countries in a day or awarding a larger than an expected bounty
The audit log will be available for every program on the platform. It comes with advanced features that enable customers to feed Program Audit Log events into their internal log aggregation platform for alerting.
The Program Audit Log can be found under program settings. Customers can easily filter by specific events, users, and event time.
Many of our customers manage their program with HackerOne’s customer success team. We’ve made it easy to distinguish between actions that were taken by HackerOne employees and internal colleagues. For each action taken by a team member, we log the country and browser user agent, which can be used for additional alerts.
Some of our customers will want to feed the Program Audit Log into their own log aggregation platform. We have a solution for that: a CSV export and API support.
HackerOne is excited to continue to build features that improve our customers’ ability to manage their programs. And we look forward to seeing all the different ways our customers use the Program Audit Log! As always, we’ll be listening to your reactions and requests at feedback@hackerone.com.
Support Techcratic
If you find value in Techcratic’s insights and articles, consider supporting us with Bitcoin. Your support helps me, as a solo operator, continue delivering high-quality content while managing all the technical aspects, from server maintenance to blog writing, future updates, and improvements. Support Innovation! Thank you.
Bitcoin Address:
bc1qlszw7elx2qahjwvaryh0tkgg8y68enw30gpvge
Please verify this address before sending funds.
Bitcoin QR Code
Simply scan the QR code below to support Techcratic.
Please read the Privacy and Security Disclaimer on how Techcratic handles your support.
Disclaimer: As an Amazon Associate, Techcratic may earn from qualifying purchases.
