HackerOne's Bug Bounties Skyrocketed To $40 Million in 2019

HackerOne's Bug Bounties Skyrocketed To $40 Million in 2019 (venturebeat.com) 6

Posted by msmash on Monday February 24, 2020 @02:45PM from the security-woes dept.

Bug bounty platform HackerOne paid out $40 million in bounties in 2019, roughly equal to the total for all previous years combined. From a report: Moreover, the company announced that its community almost doubled in the past year to 600,000 registered hackers. The announcement comes as the cybersecurity industry struggles with a workforce shortage, which is in turn compounded by growing cyberattacks that could cost the industry $6 trillion by 2021. As companies invest significant resources in battling external threats, HackerOne aims to pay good actors to find bugs before bad actors enter the fray, reducing the need for costly remediation measures further down the line.

Founded in 2012, HackerOne essentially connects companies with security researchers, or "white hat hackers," who receive cash incentives to find and report software vulnerabilities. The San Francisco-based company has raised north of $100 million since its inception, including a $36.4 million tranche a few months back, and has paid out $82 million in bounties since its inception. According to HackerOne, U.S.-based hackers earned 19% of all bounties in 2019, followed by hackers in India (10%), Russia (8%), China (7%), Germany (5%), and Canada (4%). These figures were released as part of HackerOne's annual hacker report, which included a survey of 3,150 hackers.

HackerOne's Bug Bounties Skyrocketed To $40 Million in 2019

This discussion has been archived. No new comments can be posted.

Load All Comments

Search 6 Comments Log In/Create an Account

Comments Filter:

- Re: (Score:1)
  
  by Anonymous Coward writes:
  
  I looked at HackerOne a while ago and decided against using them, and instead deal directly with the companies when I could. So far my highest payout is five figures, which honestly surprised me that they really did pay so much for such bugs. Nice little gig for spare time after work if that is your sort of thing.
- Re: (Score:2)
  
  by DontBeAMoran ( 4843879 ) writes:
  
  Oh, I love Dragon Warrior! But which vendor are you talking about? The one in Brecconary or Rimuldar?
- Re: (Score:1)
  
  by Anonymous Coward writes:
  
  The vulnerability market has an inherent issue of trust - two entities wanting what the other has, but someone has to give up their item first and trust that the other party will act fairly. In the bug bounty programs, the vulnerability is submitted to the company or broker, who then evaluates it and says what they say it is worth. By that time, the information has already been disclosed and the discloser is at the mercy of the other party to 1) not take it and run (the implication in the article of what Pa
It's impossible to protect ourselves (Score:2)

by DontBeAMoran ( 4843879 ) writes:

How do you bypass all the backdoors and bullshit that is built-in the CPUs themselves?
And with CPU companies now entering the wireless ICs market, that's just one more backdoor with easier access than ever.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

HackerOne's Bug Bounties Skyrocketed To $40 Million in 2019 (venturebeat.com) 6

HackerOne's Bug Bounties Skyrocketed To $40 Million in 2019 More Login

HackerOne's Bug Bounties Skyrocketed To $40 Million in 2019

Re: (Score:1)

Re: (Score:2)

Re: (Score:1)

It's impossible to protect ourselves (Score:2)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot