Young Hacker Makes $1m. Legally.

A 19-year-old Argentinian has just made history as the first to earn over $1,000,000 in bounty awards on HackerOne.

Since joining HackerOne in 2015, Santiago Lopez (pictured) has reported over 1,670 valid unique vulnerabilities to companies such as Verizon Media Company, Twitter, Wordpress, Automattic, and HackerOne, as well as private programs. He consistently tops the HackerOne leaderboards, with the 91st percentile for signal, 84th percentile for impact, 2nd overall on the platform, and over 37,000+ reputation!

As a self-taught hacker, primarily using blogs and YouTube to expand his skills, Santiago shows us all that learning to hack is not reserved for the traditional classroom.

According to a recent study, 81% of hackers point to online resources and blogs as their primary source for hacking education, while just six percent have completed a formal class or certification on hacking.

Bug bounty hackers are filling a new niche that is in high demand in the booming cybersecurity job market. Organisations like Starbucks, Verizon Media, Toyota, Airbnb and even government agencies such as the US Department of Defense are working with ethical hackers to find security vulnerabilities in their systems before they can be exploited.

These organisations are increasingly relying on the hackers as another layer to keep their customers safe and many are willing to pay top dollar for these vulnerabilities. Companies pay an average of $2,000 for a critical vulnerability, with bounties as high as $100,000 for a single flaw.

Organisations and government agencies are attracted to bug bounty programs because they can work with some of the brightest minds without being geographically restricted or having to go through lengthy recruitment processes. To put this into perspective, the US saw more than 313,000 cybersecurity job openings between September 2017 and August 2018.

Hackers are now building successful careers with bug bounties. Hacking is becoming one of the most lucrative jobs in the world, earning more than physicians and architects in the US.

A physician earns an average of $195,000 and an architect earns an average of $115,000; meanwhile, the top paid hackers are earning three times that as some companies are paying out millions each year. HackerOne has a community of over 400,000 hackers.

These hackers were paid over $19 million in 2018 alone and more than $50 million in total, all in the name of making the Internet safer.

Considering all the benefits on offer, including a flexible work schedule, a great deal of autonomy, an active community to learn from and a potential to earn good money, how can you embark on a career as a hacker? The best news is that one doesn’t need to go back to school.

Many skills required to become a successful hacker can be learned online, for free or minimal cost. Anyone with the drive and high degree of curiosity can become a hacker.

So where to start?

Embarking on a career in hacking has never been more encouraged or more rewarding, both financially and personally. Even though anyone can essentially teach themselves how to hack with the tools available online today, the one skill hackers must inherently have is the ability to problem solve and a strong sense of curiosity around how technology works and how it could possibly fail us. With that, here are my top resources to learn how to hack:

The ethical hacking industry is booming and, whether you are looking for a lucrative hobby or full-time pursuit, there is no better time to embark on a career as a hacker.

Infosecurity           HackerOne:          ATV

You Might Also Read:

Ethical Hacker Guilty Of Malware Attacks:

Hackers Paid Big Money To Improve Cybersecurity:

 

 

« Israel Hits Back At Hamas Cyber Attackers
AI In Cyber Security Is Worth Almost $5B »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

NextPlane

NextPlane

NextPlane provide secure real-time B2B unified communication and collaboration solutions within and across business systems.

QA Systems

QA Systems

QA Systems provides software testing solutions for safety and business critical sectors and software safety and security standards.

ForgeRock

ForgeRock

ForgeRock, the leader in digital identity, delivers comprehensive Identity and Access Management solutions for consumers, employees and things to simply and safely access the connected world.

Cleafy

Cleafy

Cleafy are a team of fraud hunters, cybersecurity experts, data scientists, and software engineers. Our purpose is to make people’s life easier and free from the threats in the digital ecosystem.

Puleng Technologies

Puleng Technologies

Puleng provides customers with a client-centric strategy to manage and secure the two most valuable assets an organisation has - its Data and Users.

ICS Cyber Security Conference

ICS Cyber Security Conference

SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity.

RiskXchange

RiskXchange

RiskXchange's cybersecurity risk rating solution helps businesses solve complex cybersecurity and compliance challenges by providing a 360-degree view of your cybersecurity posture.

Lattice Semiconductor

Lattice Semiconductor

Lattice Semiconductor solves customer problems across the network, from the Edge to the Cloud, in the growing communications, computing, industrial, automotive and consumer markets.

Orro Group

Orro Group

Orro create 'future now' solutions that make it faster, simpler and safer for you to access, store and share information. Wherever, whenever and with whomever you want.

VLC Solutions

VLC Solutions

VLC Solutions is an independent solutions and technology service provider offering Cloud Services, Cybersecurity, ERP Services, Network Management Services, and Compliance Solutions.

TrustCloud

TrustCloud

TrustCloud is a global company specializing in the orchestration and custody of secure digital transactions including identification, signature, payments, and electronic custody.

Ultima

Ultima

Ultima are on a mission to help businesses unlock their true potential by using the right IT to protect your company’s revenue and reputation – 24/7.

Disecto Technologies

Disecto Technologies

At Disecto, we provide SaaS based Data Discovery, Classification and a remediation solution for data privacy compliance.

XBOW

XBOW

XBOW brings AI to offensive security, augmenting the work of bug hunters and security researchers.

Cypheria

Cypheria

Cypheria harness the expertise of elite military units and combine it with extensive digital combat experience to deliver unparalleled security solutions for organizations.

Neeve

Neeve

Neeve is an edge cloud platform transforming smart buildings and spaces, making them more secure, smarter, and more sustainable.