Ethical Hackers Have Earned $100m

Bug bounty platform HackerOne has recently announced that it has paid out $100,000,000 in rewards to white-hat hackers around the world at the end of May 2020. Since it started delivering vulnerability reports to its customers, HackerOne bug bounty hunters have found roughly 170,000 security vulnerabilities according to the company's CEO Mårten Mickos.

Freelance elite hackers can make more than $500,000 a year searching for security flaws and reporting those issues at big companies like Tesla and organizations like the US Department of Defense, according to new data released by ethical hacking platform Bugcrowd.

The company, founded in 2012, is one of a handful of so-called “bug bounty” firms that provide a platform for hackers to safely chase security flaws at companies that want to be tested.

Hackers work on a clearly defined contract for a specific company and get paid a bounty when they are able to find a flaw in a company’s infrastructure. How much they’re paid depends on how serious the problem is. Over 700,000 ethical hackers are now using the bug bounty platform to get paid for security bugs in the products of more than 1,900 HackerOne customers.

The total amount of rewards paid to hackers has grown from $10 million between 2014 and 2016, to $30 million between 2017 and 2019, and reached $50 million between Q2 2019 and Q2 2020. 

During 2018 alone, the 300,000 hackers who are part of the bug bounty program earned a combined $19 million in bounties, nearly as much as the platform has awarded in all of the company's previous years combined. 12% of hackers using HackerOne to report security vulnerabilities make over $20,000 each year only from bug bounties, while 1,1% will get rewards worth more than $350,000 annually and 3% being paid over $100,000 per year. It took 5 years to get to $20m in bounties paid.

8 White-Hat Hackers Have Become Millionaires

According to a survey, since enrolled on HackerOne's platform from two years ago, top hackers will earn on average 2.7 times more money in rewards than a software engineer's average salary in the same country. In August 2019 HackerOne also announced that eight of the hackers using its platforms have become millionaires. 

 "As a result of their creativity and tenacity, we predict hackers will have earned $1 billion in bug bounties within five years, protecting companies and governments alike from persistent and ephemeral threats," Maretn Mickos told Bleeping Computer.

To protect against cyberattacks, companies have been using a range of methods to allow people with hacking skills to test their defenses. Some companies use in-house penetration testers, often putting them on so-called red teams to play the role of a malicious collective trying take down corporate servers or steal information.

CNBC:     Bleeping Computer:      Secure World Expo:       

You Might Also Read: 

Young Hacker Makes $1m. Legally.

If you would like more specific information about how you can improve your business cyber security, please contact Cyber Security Intelligence and we will recommend the right solutions for you and your work. 

 

 

 

« PIN Authentication Significantly Reduces Cyber Attacks & Data Breaches
British Government Thinking Again About Huawei »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Tripwire

Tripwire

Tripwire are a leading provider of risk-based security, compliance and vulnerability management solutions.

Prolinx

Prolinx

Prolinx provide secure Data Centre hosting services and other fully managed security services for networks and information systems.

Graphus

Graphus

Graphus provides a simple, powerful, automated solution that eliminates 99% of social engineering and spear phishing attacks against G Suite business Gmail users.

HCL Technologies

HCL Technologies

HCL offer an integrated portfolio of products, solutions and services built around Digital, IoT, Cloud, Automation, Cybersecurity, Analytics, Infrastructure Management and Engineering Services.

Secure Code Warrior

Secure Code Warrior

Secure your code from the start with gamified, scalable online secure coding training for software developers.

Osirium

Osirium

The Osirium PxM Privileged Access Management platform addresses both security and compliance requirements by defining who gets access to what and when.

US Secret Service

US Secret Service

The US Secret Service has a pivotal role in securing the nation’s critical infrastructures, specifically in the areas of cyber, banking and finance.

Onward Security

Onward Security

Onward Security provides security solutions including network & application assessment, product security testing and security consulting services.

Bellvista Capital

Bellvista Capital

Bellvista Capital connects entrepreneurs with capital and unmatched business expertise in the technology areas of Cloud Computing, Cyber Security and Data Analytics.

BlueRiSC

BlueRiSC

BlueRiSC invent cutting-edge system assurance solutions for the 21st century with novel software and hardware designs focusing on security technologies that can be game changing.

ValueMentor

ValueMentor

ValueMentor is a leading cyber security service provider in the Middle East. We enable clients to reduce risk by taking a strategic approach to cybersecurity.

PA Consulting

PA Consulting

PA Consulting Group is a consultancy that specialises in strategy, technology and innovation. Our cyber security experts work with you to spot digital and technology security risks and reduce them.

WhizHack Technologies

WhizHack Technologies

WhizHack's mission is to not only create a pipeline of cyber security products but also to empower people to sustainable innovation in securing digital assets of tomorrow.

Cyware

Cyware

Cyware is the only company building Virtual Cyber Fusion Centers enabling end-to-end threat intelligence automation, sharing, and unprecedented threat response for organizations globally.

Scybers

Scybers

Scybers are a global cybersecurity advisory and managed services company. With our deep expertise, we help our clients reduce their cyber risks with confidence.

Smartcomply

Smartcomply

Smartcomply is an automated and AI-powered cybersecurity and compliance platform that aids businesses in reducing the time and money spent on cybersecurity and compliance.