New Delhi, May 28: Ethical hackers have broken all records by earning $100 million in bug bounties on the leading security platform HackerOne, an 85.6 per cent growth (year over year) in total bounty payments, with a 17.5 per cent increase since Covid-19 was declared a pandemic, the organisation said on Thursday.
The global community of hackers has uncovered 170,000 vulnerabilities in nearly 2,000 customer programmes, changing the way organisations perform security.
In April, $5.9 million was paid to ethical hackers for addressing the growing security needs of an increasingly interconnected society.
“$6,000 in bug bounties is being paid out on the platform every hour. Nearly 84 new hackers sign up on the platform every hour,” said HackerOne.
San Francisco-based HackerOne has General Motors, Google, Goldman Sachs, PayPal, Hyatt, Twitter, GitHub, Nintendo, Lufthansa, Microsoft, Qualcomm, Starbucks, Dropbox and Intel, among others, on its customers’ list.
“We are building a community able to test and vet every piece of our digital connected civilisation,” said HackerOne CEO Marten Mickos.
“$100 million is a number that attracts the best hackers, providing companies and governments unmatched return on investment (ROI), significantly reducing the risk of data breach. We have arrived at the point in history where you are ignorant and negligent if you do not have a way to receive useful input from ethical hackers,” he added.
Within the next 15 years, the company expects to have produced over 500 Chief Information Security Officers (CISOs) out of its hacker ranks.
“Hackers will earn $1 billion in bug bounties within five years on HackerOne,” it added.
“Our first priority at Dropbox is the safety of our customers’ data, and we’ve looked to the global security research community on HackerOne to validate the security of our platform continuously,” said Justin Berman, Head of Security at Dropbox.
“We have an industry-leading vulnerability disclosure programme that protects ethical researchers and partnered with HackerOne to include sensitive vendors in the scope of our bug bounty programme to help protect our entire ecosystem,” he added.