Ethical Hackers Have Earned $100m

Uploaded on 2020-06-01 in TECHNOLOGY--Hackers, FREE TO VIEW

Bug bounty platform HackerOne has recently announced that it has paid out $100,000,000 in rewards to white-hat hackers around the world at the end of May 2020. Since it started delivering vulnerability reports to its customers, HackerOne bug bounty hunters have found roughly 170,000 security vulnerabilities according to the company's CEO Mårten Mickos.

Freelance elite hackers can make more than $500,000 a year searching for security flaws and reporting those issues at big companies like Tesla and organizations like the US Department of Defense, according to new data released by ethical hacking platform Bugcrowd.

The company, founded in 2012, is one of a handful of so-called “bug bounty” firms that provide a platform for hackers to safely chase security flaws at companies that want to be tested.

Hackers work on a clearly defined contract for a specific company and get paid a bounty when they are able to find a flaw in a company’s infrastructure. How much they’re paid depends on how serious the problem is. Over 700,000 ethical hackers are now using the bug bounty platform to get paid for security bugs in the products of more than 1,900 HackerOne customers.

The total amount of rewards paid to hackers has grown from $10 million between 2014 and 2016, to $30 million between 2017 and 2019, and reached $50 million between Q2 2019 and Q2 2020. 

During 2018 alone, the 300,000 hackers who are part of the bug bounty program earned a combined $19 million in bounties, nearly as much as the platform has awarded in all of the company's previous years combined. 12% of hackers using HackerOne to report security vulnerabilities make over $20,000 each year only from bug bounties, while 1,1% will get rewards worth more than $350,000 annually and 3% being paid over $100,000 per year. It took 5 years to get to $20m in bounties paid.

8 White-Hat Hackers Have Become Millionaires

According to a survey, since enrolled on HackerOne's platform from two years ago, top hackers will earn on average 2.7 times more money in rewards than a software engineer's average salary in the same country. In August 2019 HackerOne also announced that eight of the hackers using its platforms have become millionaires. 

 "As a result of their creativity and tenacity, we predict hackers will have earned $1 billion in bug bounties within five years, protecting companies and governments alike from persistent and ephemeral threats," Maretn Mickos told Bleeping Computer.

To protect against cyberattacks, companies have been using a range of methods to allow people with hacking skills to test their defenses. Some companies use in-house penetration testers, often putting them on so-called red teams to play the role of a malicious collective trying take down corporate servers or steal information.

CNBC:     Bleeping Computer:      Secure World Expo:       

You Might Also Read: 

Young Hacker Makes $1m. Legally.

If you would like more specific information about how you can improve your business cyber security, please contact Cyber Security Intelligence and we will recommend the right solutions for you and your work. 

 

 

 

« PIN Authentication Significantly Reduces Cyber Attacks & Data Breaches
British Government Thinking Again About Huawei »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Computer Laboratory - University of Cambridge

Computer Laboratory - University of Cambridge

Computer security has been among the Laboratory’s research interests for many years, along with related topics such as cryptology

Uniscon

Uniscon

Uniscon is a leading provider of cloud security solutions in Europe.

Sasa Software

Sasa Software

Sasa Software is a cybersecurity software developer specializing in the prevention of file-based network attacks.

The Media Trust

The Media Trust

The Media Trust continuously scans websites, ad tags and mobile apps and alerts on anomalies affecting websites and visitors.

Threat Intelligence

Threat Intelligence

Threat Intelligence is a specialist security company providing penetration testing, threat intelligence, incident response and training services.

Romanian Association for Information Security Assurance (RAISA)

Romanian Association for Information Security Assurance (RAISA)

RAISA promotes and supports information security activities and creates a community for the exchange of knowledge between specialists, academic and corporate environment in Romania.

NetKnights

NetKnights

NetKnights is an independent IT security company which offers services and products for strong authentication, identity management and encryption.

Alpine Cyber Solutions

Alpine Cyber Solutions

Alpine Cyber is a Managed IT Service Provider focused on cybersecurity and cloud services.

Meriplex

Meriplex

Meriplex is a Managed Services provider specializing in Intelligent Networks, Cybersecurity and Cloud Communications.

Cipher

Cipher

Founded in 2000, Cipher is a global cybersecurity company that delivers a wide range of Managed Security Services.

Winbond Electronics

Winbond Electronics

Winbond is a Specialty memory IC company. Product lines include Code Storage Flash Memory, TrustME® Secure Flash, Specialty DRAM and Mobile DRAM.

N-able

N-able

N-Able deliver simple and sophisticated monitoring, security, and business solutions that empower you to solve your toughest IT challenges.

Amazon Web Services (AWS)

Amazon Web Services (AWS)

Amazon Web Services is the world’s most comprehensive and broadly adopted cloud platform, offering fully featured services from data centers globally.

Hush

Hush

Hush is a premium privacy service that gives people unprecedented visibility and control of their digital footprint. Hush assesses threats, and goes to work to eliminate digital risks on your behalf.

Theta

Theta

Theta is a New Zealand owned technology consultancy. Our team of over 330 experienced professionals help organisations transform with technology.

Cyro Cyber

Cyro Cyber

Cyro Cyber is a collective of some of the UK’s most experienced and savvy cybersecurity, information assurance, data protection, IT governance and compliance experts.