Young Hacker Makes $1m. Legally.

A 19-year-old Argentinian has just made history as the first to earn over $1,000,000 in bounty awards on HackerOne.

Since joining HackerOne in 2015, Santiago Lopez (pictured) has reported over 1,670 valid unique vulnerabilities to companies such as Verizon Media Company, Twitter, Wordpress, Automattic, and HackerOne, as well as private programs. He consistently tops the HackerOne leaderboards, with the 91st percentile for signal, 84th percentile for impact, 2nd overall on the platform, and over 37,000+ reputation!

As a self-taught hacker, primarily using blogs and YouTube to expand his skills, Santiago shows us all that learning to hack is not reserved for the traditional classroom.

According to a recent study, 81% of hackers point to online resources and blogs as their primary source for hacking education, while just six percent have completed a formal class or certification on hacking.

Bug bounty hackers are filling a new niche that is in high demand in the booming cybersecurity job market. Organisations like Starbucks, Verizon Media, Toyota, Airbnb and even government agencies such as the US Department of Defense are working with ethical hackers to find security vulnerabilities in their systems before they can be exploited.

These organisations are increasingly relying on the hackers as another layer to keep their customers safe and many are willing to pay top dollar for these vulnerabilities. Companies pay an average of $2,000 for a critical vulnerability, with bounties as high as $100,000 for a single flaw.

Organisations and government agencies are attracted to bug bounty programs because they can work with some of the brightest minds without being geographically restricted or having to go through lengthy recruitment processes. To put this into perspective, the US saw more than 313,000 cybersecurity job openings between September 2017 and August 2018.

Hackers are now building successful careers with bug bounties. Hacking is becoming one of the most lucrative jobs in the world, earning more than physicians and architects in the US.

A physician earns an average of $195,000 and an architect earns an average of $115,000; meanwhile, the top paid hackers are earning three times that as some companies are paying out millions each year. HackerOne has a community of over 400,000 hackers.

These hackers were paid over $19 million in 2018 alone and more than $50 million in total, all in the name of making the Internet safer.

Considering all the benefits on offer, including a flexible work schedule, a great deal of autonomy, an active community to learn from and a potential to earn good money, how can you embark on a career as a hacker? The best news is that one doesn’t need to go back to school.

Many skills required to become a successful hacker can be learned online, for free or minimal cost. Anyone with the drive and high degree of curiosity can become a hacker.

So where to start?

Embarking on a career in hacking has never been more encouraged or more rewarding, both financially and personally. Even though anyone can essentially teach themselves how to hack with the tools available online today, the one skill hackers must inherently have is the ability to problem solve and a strong sense of curiosity around how technology works and how it could possibly fail us. With that, here are my top resources to learn how to hack:

The ethical hacking industry is booming and, whether you are looking for a lucrative hobby or full-time pursuit, there is no better time to embark on a career as a hacker.

Infosecurity           HackerOne:          ATV

You Might Also Read:

Ethical Hacker Guilty Of Malware Attacks:

Hackers Paid Big Money To Improve Cybersecurity:

 

 

« Israel Hits Back At Hamas Cyber Attackers
AI In Cyber Security Is Worth Almost $5B »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Techmeme

Techmeme

Techmeme is an online news curation service focused on leading edge technology, including cyber security.

American International Group (AIG)

American International Group (AIG)

AIG, is an American multinational insurance corporation. Commercial services include cyber risk insurance.

Claranet

Claranet

Claranet are experts in modernising and running critical applications and infrastructure through end-to-end professional services, managed services and training.

Coalition

Coalition

Coalition combines comprehensive insurance and proprietary security tools to help businesses manage and mitigate cyber risk.

Uniwan

Uniwan

Uniwan is an IT services company specializing in networking and security.

Arctic Wolf Networks

Arctic Wolf Networks

Arctic Wolf Networks delivers the industry-leading security operations center (SOC)-as-a-service that redefines the economics of cybersecurity.

eResilience

eResilience

eResilience is a division of Referentia Systems, a pioneer in an ultra-secure information safeguarding technique known as “Enclaving”, in which data can be segmented and protected within a network.

Dataprovider.com

Dataprovider.com

Our Brand Protection Suite gives you the tools to discover trademark infringement on the Internet, such as websites selling counterfeit products, even when this is not immediately noticeable.

Blackpoint Cyber

Blackpoint Cyber

Blackpoint’s mission is to provide effective, affordable real-time threat detection and response to organizations of all sizes around the world.

spriteCloud

spriteCloud

spriteCloud is an independent software testing, test automation and cybersecurity services provider.

Cyvatar

Cyvatar

Cyvatar is a technology-enabled cyber security as a service (CSaaS) provider delivering smarter managed security to help you achieve compliance and security faster and more efficiently.

Infosec Institute

Infosec Institute

Infosec is a leading cybersecurity training company, we help IT and security professionals advance their careers with skills development and certifications.

Crypto Legal

Crypto Legal

Crypto Legal is a leading UK-based law firm specialising in blockchain forensics and legal services.

Kusari

Kusari

Securing your software supply chain starts with understanding. Kusari is on a mission to bring transparency to your software supply chain and power secure development.

Sensity

Sensity

Sensity is a company that offers an AI-driven solution to detect and verify deepfakes and other forms of identity fraud.

iConnect IT Business Solutions DMCC

iConnect IT Business Solutions DMCC

iConnect is a trusted IT Solutions and Technology Services company, proudly serving clients across the Middle East and Africa.