There are many bug bounty programmes surfacing, encouraging white hat hackers to report vulnerabilities found in companies’ websites and software. The platform, HackerOne recently announced how successful the programme was for two particular hackers who collectively earned more than $1 million.
In HackerOne’s 2019 Hacker report, it also highlighted how 300,000 members collectively earnt over $42million for reporting over 100,000 flaws in companies systems and software. Hackers could make up to $100,000 on one job alone.
Emerging talents from HackerOne
One of the two most successful hackers was 19-year-old self-taught Santiago Lopez from Argentina. He discovered thousands of vulnerabilities over the last three years within company systems such as Twitter. The other successful white hat hacker is Mark Litchfield who discovered flaws in systems of companies such as Starbucks, Shopify and Dropbox.
Statistics from the report further revealed that a majority of members were under the age of 35. Only 11% were over the age of 35. Despite this figure, members over the age of 35 accounted for over 9% of successfully found vulnerabilities.
Findings also revealed the majority of them were self-taught. One of the reasons for this is the increasing number of learning channels available today. For example, there are YouTube tutorials, freely accessible seminars on websites and open source news and reports. Not only are there various learning styles available but also it brings information sharing opportunities. Platforms such as this allow hackers to test what they learnt and gain experience as well as knowledge. The report revealed only 6% of members held formal certification on hacking.
Members came from over 150 countries. The top five countries where the majority of them resided in were India, U.S, Canada, Russia and the UK. This was expected. This year, however, saw white-hat hackers emerging from Ecuador, Ghana, Kenya, Algeria and Namibia.
Bug Bounty Programmes continue to thrive
The hacking industry is currently thriving due to the pressure by regulations for organisations to do more to protect their assets in cyberspace. The added pressure brings more demand for white-hat hackers to help organisations with their vulnerabilities. It also helps a lot of the members gain experience and progress their career or passion for ethical hacking. With technology continuing to evolve so rapidly and global interest, the industry does not show any signs of slowing down anytime soon.