Ethical Hackers at the Heart of HackerOne’s Cyber Strategy

Share
HackerOne offers public leaderboards ranking ethical hackers
Surfshark uses HackerOne’s repository to highlight the successes of ethical hackers in finding software vulnerabilities, emphasising their efficiencies

San Francisco based cyber security leader HackerOne is the leader in Attack Resistance Management (ARM). 

The company was founded in 2012 by hackers and security leaders who were passionate about making the internet safer, and it now blends the security expertise of ethical hackers with asset discovery, continuous assessment, and process enhancement to find and close gaps in the ever-evolving digital attack surface. This approach enables clients including Uber, Spotify, The United States Ministry of Defense, Goldman Sachs, GooglePlay, General Motors and Lufthansa to transform their business while staying ahead of threats.

Youtube Placeholder

“Vulnerability reporting and reward programs indeed require upfront investment and resources to launch,” shares Phil Venables, CISO at GooglePlay, Board Member of HackerOne, Member of the US President’s Council of Advisors on Science and Technology (PCAST) and Cyber Magazine’s Top 10 CISO.

“But that investment is made back when the risk of cybersecurity incidents, which can wreak significant monetary and reputational damage, is reduced. HackerOne’s Hacker-Powered Security Report found nearly three-quarters (70%) of its customers avoided a significant cybersecurity incident thanks to the work of ethical hackers.”

2023 results from ethical hackers 

VPN specialist Surfshark is focussed on developing humanised privacy and security solutions, working to create solutions to secure the digital lives of those it interacted with by challenging the cybersecurity industry’s status quo.

Upon analysis of the HackerOne repository of security vulnerabilities reported by white-hat hackers, Surfshark found that 835 security vulnerabilities were found across 105 websites in 2023, earning at least US$450,000 for ethical hackers. The reported vulnerabilities are thanks to 93 ethical hackers, with 96 of the reports coming from The United States Department of Defense, and 28 from LinkedIn.

“Software vulnerabilities are not a matter of “if” but rather “when”. Considering that complex platforms may require millions of lines of code, it's inevitable that even the most advanced developers can leave some flaws behind. That’s why partnerships between companies and ethical hackers are so important”, says Agneska Sablovskaja, Research Team Lead at Surfshark.

“Once a security vulnerability becomes public, it’s only a matter of time before hackers try to take advantage of it, making the vulnerability much more dangerous than it was when it was not yet known,” comments Aleksandr Valentij, Surfshark’s Cyber Security Lead. 

“That’s why developers rush to develop patches for vulnerabilities once they’re revealed and release these patches as software updates. Setting automatic updates for all apps is an easy way to make sure you have the safest version of an app at all times.”

**************

Make sure you check out the latest industry news and insights at Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

**************

Cyber Magazine is a BizClik brand 

*************

Share

Featured Articles

Cloudflare: Dissecting the Cyberattacks of the US Election

Cloudflare reports on traffic shifts and cyberattacks during the US election highlight how the use of digital democracy and cybersecurity go hand in hand

Markel Cyber Director on Lessons from the Crowdstrike Outage

Markel Cyber Director Chris Burgess discusses how the Crowdstrike outage sparked a renewed focus on resilience and cyber insurance

Why Dow Jones Has Increased Its Investment in Ripjar

Dow Jones has increased its investment with Ripjar for the companies ability to strengthen its analytics and compliance services

Who Stands to Fill Top Cyber Posts in Trump Administration?

Cyber Security

DARPA, BBN Technologies and the Cyber Imperative for CPM

Operational Security

Mimecast Updates Bring AI to BEC Battleground

Technology & AI