Ethical Hackers at the Heart of HackerOne’s Cyber Strategy
San Francisco based cyber security leader HackerOne is the leader in Attack Resistance Management (ARM).
The company was founded in 2012 by hackers and security leaders who were passionate about making the internet safer, and it now blends the security expertise of ethical hackers with asset discovery, continuous assessment, and process enhancement to find and close gaps in the ever-evolving digital attack surface. This approach enables clients including Uber, Spotify, The United States Ministry of Defense, Goldman Sachs, GooglePlay, General Motors and Lufthansa to transform their business while staying ahead of threats.
“Vulnerability reporting and reward programs indeed require upfront investment and resources to launch,” shares Phil Venables, CISO at GooglePlay, Board Member of HackerOne, Member of the US President’s Council of Advisors on Science and Technology (PCAST) and Cyber Magazine’s Top 10 CISO.
“But that investment is made back when the risk of cybersecurity incidents, which can wreak significant monetary and reputational damage, is reduced. HackerOne’s Hacker-Powered Security Report found nearly three-quarters (70%) of its customers avoided a significant cybersecurity incident thanks to the work of ethical hackers.”
2023 results from ethical hackers
VPN specialist Surfshark is focussed on developing humanised privacy and security solutions, working to create solutions to secure the digital lives of those it interacted with by challenging the cybersecurity industry’s status quo.
Upon analysis of the HackerOne repository of security vulnerabilities reported by white-hat hackers, Surfshark found that 835 security vulnerabilities were found across 105 websites in 2023, earning at least US$450,000 for ethical hackers. The reported vulnerabilities are thanks to 93 ethical hackers, with 96 of the reports coming from The United States Department of Defense, and 28 from LinkedIn.
“Software vulnerabilities are not a matter of “if” but rather “when”. Considering that complex platforms may require millions of lines of code, it's inevitable that even the most advanced developers can leave some flaws behind. That’s why partnerships between companies and ethical hackers are so important”, says Agneska Sablovskaja, Research Team Lead at Surfshark.
“Once a security vulnerability becomes public, it’s only a matter of time before hackers try to take advantage of it, making the vulnerability much more dangerous than it was when it was not yet known,” comments Aleksandr Valentij, Surfshark’s Cyber Security Lead.
“That’s why developers rush to develop patches for vulnerabilities once they’re revealed and release these patches as software updates. Setting automatic updates for all apps is an easy way to make sure you have the safest version of an app at all times.”
**************
Make sure you check out the latest industry news and insights at Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
**************
Cyber Magazine is a BizClik brand
*************
- How can companies tackle vulnerabilities in cyber security?Network Security
- 5 minutes with Gary Brickhouse, CISO of GuidePoint SecurityCyber Security
- Palo Alto Networks Launches Supply Chain Security PlatformApplication Security
- How Bugcrowd identifies critical software vulnerabilitiesCyber Security