Ethical Hackers Have Earned $100m

Uploaded on 2020-06-01 in TECHNOLOGY--Hackers, FREE TO VIEW

Bug bounty platform HackerOne has recently announced that it has paid out $100,000,000 in rewards to white-hat hackers around the world at the end of May 2020. Since it started delivering vulnerability reports to its customers, HackerOne bug bounty hunters have found roughly 170,000 security vulnerabilities according to the company's CEO Mårten Mickos.

Freelance elite hackers can make more than $500,000 a year searching for security flaws and reporting those issues at big companies like Tesla and organizations like the US Department of Defense, according to new data released by ethical hacking platform Bugcrowd.

The company, founded in 2012, is one of a handful of so-called “bug bounty” firms that provide a platform for hackers to safely chase security flaws at companies that want to be tested.

Hackers work on a clearly defined contract for a specific company and get paid a bounty when they are able to find a flaw in a company’s infrastructure. How much they’re paid depends on how serious the problem is. Over 700,000 ethical hackers are now using the bug bounty platform to get paid for security bugs in the products of more than 1,900 HackerOne customers.

The total amount of rewards paid to hackers has grown from $10 million between 2014 and 2016, to $30 million between 2017 and 2019, and reached $50 million between Q2 2019 and Q2 2020. 

During 2018 alone, the 300,000 hackers who are part of the bug bounty program earned a combined $19 million in bounties, nearly as much as the platform has awarded in all of the company's previous years combined. 12% of hackers using HackerOne to report security vulnerabilities make over $20,000 each year only from bug bounties, while 1,1% will get rewards worth more than $350,000 annually and 3% being paid over $100,000 per year. It took 5 years to get to $20m in bounties paid.

8 White-Hat Hackers Have Become Millionaires

According to a survey, since enrolled on HackerOne's platform from two years ago, top hackers will earn on average 2.7 times more money in rewards than a software engineer's average salary in the same country. In August 2019 HackerOne also announced that eight of the hackers using its platforms have become millionaires. 

 "As a result of their creativity and tenacity, we predict hackers will have earned $1 billion in bug bounties within five years, protecting companies and governments alike from persistent and ephemeral threats," Maretn Mickos told Bleeping Computer.

To protect against cyberattacks, companies have been using a range of methods to allow people with hacking skills to test their defenses. Some companies use in-house penetration testers, often putting them on so-called red teams to play the role of a malicious collective trying take down corporate servers or steal information.

CNBC:     Bleeping Computer:      Secure World Expo:       

You Might Also Read: 

Young Hacker Makes $1m. Legally.

If you would like more specific information about how you can improve your business cyber security, please contact Cyber Security Intelligence and we will recommend the right solutions for you and your work. 

 

 

 

« PIN Authentication Significantly Reduces Cyber Attacks & Data Breaches
British Government Thinking Again About Huawei »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Libraesva

Libraesva

Libraesva specialize in Email Security. From Email Security, Phishing Awareness and Email Archiver. We can assist you with any email issues you may have.

Ikerlan

Ikerlan

Ikerlan is an R&D technology centre specialising in areas including embedded systems, industrial automation and industrial cybersecurity.

World Wide Technology (WWT)

World Wide Technology (WWT)

WWT is a technology solution provider in the areas of big data, collaboration, computing and cloud, mobility, networking, security and storage.

Intrusion

Intrusion

Intrusion provides IT professionals with the most robust tool set available for performing in-depth research and analysis of network traffic.

Penta Security

Penta Security

Founded on its data encryption technology, Penta Security is a leading provider of web and data security products, solutions and services.

Securicon

Securicon

Securicon provides expert consulting for application, system and network security.

Infosistem

Infosistem

Infosistem is a Croatian ICT company with extensive expertise and experience in enterprise and SMB ICT projects and solutions.

ConvergeOne

ConvergeOne

ConvergeOne is a leading global IT services provider of collaboration and technology solutions including cybersecurity.

Alpine Cyber Solutions

Alpine Cyber Solutions

Alpine Cyber is a Managed IT Service Provider focused on cybersecurity and cloud services.

SearchInform

SearchInform

SearchInform is a leading risk management product developer, protecting business and government institutions against data theft, harmful human behavior, compliance breaches and incomplete audit.

eMazzanti Technologies

eMazzanti Technologies

eMazzanti Technologies provides IT consulting services for businesses ranging from home offices to multinational corporations throughout the USA and internationally.

Comparitech

Comparitech

Comparitech strives to promote cyber security and privacy for all. We are committed to providing detailed information to help our readers become more cyber secure and cyber aware.

Stacklok

Stacklok

Stacklok are an Open Source first security company enabling safe Open Source Software consumption.

CyberXpert

CyberXpert

CyberXpert is your cybersecurity partner for the public and private sector in Belgium.

Boston Government Services (BGS)

Boston Government Services (BGS)

Boston Government Services is an engineering, technology, and security firm providing mission-focused solutions for the clean energy, nuclear, and federal programs markets.

Secure Enterprise Engineering (SEE)

Secure Enterprise Engineering (SEE)

SEE provides disruptive cybersecurity system engineering, architecture, and operational capabilities to make our customer’s missions execute faster, smarter, and more securely.