“Even Organizations Flying Under the Radar Will See Attacks”: HackerOne CEO Warns Hosts of What’s Coming

Writer: Jordan Sprogis

Jordan Sprogis, Contributing Expert

Jordan Sprogis is a creative writer and tech researcher who has been working on online content for the better part of a decade. She holds a bachelor's degree in professional writing from Western Connecticut State University and has devoted much of her career to crafting content for various web verticals, including CyberSpyder and The Echo. Since joining HostingAdvice, Jordan has combined her storytelling ability with her fascination for advancements in technology to pen over 500 articles geared toward industry pros and newcomers alike.

Editor: Lillian Castro

Lillian Castro, Senior Editor

Lillian Castro brings more than 30 years of editing and journalism experience to our team. She has written and edited for major news organizations, including The Atlanta Journal-Constitution and the New York Times, and she previously served as an adjunct instructor at the University of Florida. Today, she edits HostingAdvice content for clarity, accuracy, and reader engagement.

Reviewer: Cristian Lopez

Cristian Lopez, News Manager

Cristian Lopez uses his Business Marketing background from the University of Illinois at Chicago to create comfortable environments for customers, clients, and colleagues to share their thoughts and ideas openly. From interviewing tech leaders to conducting UX market research projects, Cristian knows the importance of storytelling — a key variable for innovation and inspiration. His goal at HostingAdvice is to wow readers on the ever-evolving nature of the tech industry and bring his audience the most reliable and exciting content on all things hosting.

Follow the HostingAdvice team for a daily dose of tech news, trending IT discussions, and interviews with the web's most innovative technologists.
Follow Us:
2.7k
1k

The nostalgic image of underground hackers has an undeniable cinematic appeal. Teams huddled in basements, lit by neon monitors, racing against a blinking timer — a sense of urgency and excitement unmatched to any regular old workplace.

Reality today shows it’s a lot less sexy, but just as concerning. HackerOne’s CEO, Kara Sprague, told HostingAdvice that adversaries are not slowing down at all in the way they use AI in their attacks.

Kara Sprague, HackerOne CEO headshot
Kara Sprague, HackerOne CEO

AI has effectively automated the attacker, turning what used to be manual effort into something anyone can run at any scale. Everybody’s on the menu, and targets get picked in seconds.

It’s why Sprague urges providers to move away from legacy security stacks and start incorporating AI red teaming. Beginning last year, HackerOne saw 200% growth in AI red-teaming, which further suggests how quickly organizations are trying to understand their AI exposure.

HackerOne’s doing the same thing, and prompt injections are among the top methods.

“Prompt injection is by far the most prevalent, but you can also almost think about prompt injection as the AI equivalent of cross-site scripting,” Sprague said. “Some of the more interesting and malicious attacks include model poisoning, where you somehow get the model to incorporate a bunch of data that significantly alters its bias or jailbreaking models.”

This is a prime example of automated tooling. It doesn’t care how valuable a business is; it just crawls, tests, and attacks. Regional operators, boutique providers, resellers — just about everybody — are constantly getting gobsmacked with the same intensity as major companies and brands.

Size Truly Doesn’t Matter

John Chambers, Cisco’s former CEO, once said something that has been quoted hundreds of times since. He said: “There are two types of companies: Those that have been hacked, and those who don’t yet know they have been hacked.”

That’s already obvious in HackerOne’s findings. According to Sprague, the automation available to attackers means organizations should expect “much more continuous probing on systems” than they’ve seen in previous years.

“Even those organizations that felt they were flying under the radar will start to see sophisticated attacks pointed at them,” said Sprague. “The kinds of protections and the kinds of security techniques and tooling that you need to protect your AI systems is very different from the stack that they have been using historically.”

If AT&T can have 109 million accounts exposed and Yahoo can lose nearly 3 billion user records, even “trusted” companies aren’t immune.

CompanyIncident SummaryScale
AT&TUnauthorized download of customer account data109 million accounts
YahooHistoric breach exposing user information About 3 billion accounts
JPMorgan ChaseLarge-scale breach of customer data83 million households and businesses
T-MobileMultiple breaches across several yearsTens of millions of users
Notable Incidents at Major “Trusted” Companies

“We’re moving into a space now where the automation that is available to cyber criminals means that you’re going to have to have much more continuous probing on systems,” Sprague said. “You’re going to have to have much more continuous probing on systems.”

Continuous probing leads to exactly what you think it does: Instead of occasional spikes in activity, systems see a steady stream of automated checks, tests, and boundary‑pushing attempts.

These patterns aren’t surprising to her. As AI adoption rises across enterprises, the underlying systems are exposed to new classes of behavior that older testing frameworks weren’t designed to evaluate. Sprague said this is one area where many teams — even well-funded ones — are still catching up.

Source: The Rise of the Bionic Hacker

“CISOs are more on their back foot with AI adoption than they have been historically with other technologies,” she said. “The advice we’re giving is to incorporate security of your AI system, make it a part of your overall security program. It’s not a side thing that you should try to drive outside of your existing governance process.”

One distinction Sprague emphasized is understanding AI security versus AI safety:

Both need structured testing, she said, and each behaves differently from the vulnerabilities teams are used to assessing.

Sprague also noted that the tools protecting AI systems diverge significantly from the legacy stacks many providers still rely on. The shift toward AI-specific testing makes the role of external researchers more important, not less.

And because of that, “the role of the external security researcher community is definitely elevated” when evaluating AI-driven behavior.

Inside HackerOne’s Evolving Tooling

When Sprague joined HackerOne last year as its new CEO, she came in with a background shaped by Oracle and McKinsey. Thirteen months later, she said one thing has stood out the most: how quickly both the community and the customers are embracing AI and the tooling around it.

“Most of the community are embracing AI — both because it helps them expand their ability to do more things, whether that’s helping with reconnaissance, or some of them are paying for large amounts of infrastructure to drive a bunch of automation to help with their research and vulnerability discovery,” Sprague explained.

“Generally, the community recognizes that AI is going to be necessary to help them force-multiply their own work,” she said.

One example of new said tooling is the Insight Agent, which Sprague described as “the archivist or librarian of all vulnerability reports that have ever come into a specific organization.” While it does surface old reports, it also compares any new issues against the years of historical data and patterns so it’s able to tell analysts what they did last time in a similar situation.

Customers have told her it cuts analysis time by as much as 75%, which is a pretty big deal for hosting teams that barely have enough people to keep up with ticket queues, let alone triage every odd-looking vulnerability.

It’s not dissimilar to HackerOne’s Report Assistant Agent. Specifically built for security analysts/researchers, it solves a problem that any ticketing agent understands: low-quality submissions that take way too much time to clarify.

Sprague said the agent is “meant to shift left a bunch of that back and forth,” meaning reports come in structured, complete, and easier to validate. Basically, when somebody submits a bug that says: “This doesn’t work!1!1!”, the autonomous agent can take that and actually do the work to make sense of it.

Source: The Rise of the Bionic Hacker

All of these tools sit under Hai, HackerOne’s broader agentic platform.

Built as the parent system to these agents, Hai was designed with strict permissioning so agents inherit the same user permissions of the person calling them, and with explicit guardrails ensuring customer data isn’t used to train or tune models.

“Many of those protections are built in place, and they’re based on the highest architectural standards from the general community,” Sprague explained to us. “We took the best page out of some of the leaders we think in terms of thinking through permissions and access controls for agentic systems.”

Instead of pitching Hai as a neatly wrapped box, HackerOne subjects its own tools to the same scrutiny it encourages customers to try.

“The other thing that we’re careful to do with Hai, of course, is that we drink our own champagne. HackerOne has always had a very active bounty program for our own technology, and we also do pentesting on our own technology,” she said. “And we invite the broader community to be pressure testing these things and participate in our programs to help improve them.”

About the Author

Contributing Expert

Jordan Sprogis is a creative writer and tech researcher who has been working on online content for the better part of a decade. She holds a bachelor's degree in professional writing from Western Connecticut State University and has devoted much of her career to crafting content for various web verticals, including CyberSpyder and The Echo. Since joining HostingAdvice, Jordan has combined her storytelling ability with her fascination for advancements in technology to pen over 500 articles geared toward industry pros and newcomers alike.

« BACK TO: BLOG

Meet the Experts

Our team of experts with a combined 50+ years of experience in web hosting serve insight and advice to more than 20 million users!

We Know Hosting

$

4

8

,

2

8

3

spent annually on web hosting!