Ethical Hackers at the Heart of HackerOne’s Cyber Strategy

HackerOne offers public leaderboards ranking ethical hackers
Surfshark uses HackerOne’s repository to highlight the successes of ethical hackers in finding software vulnerabilities, emphasising their efficiencies

San Francisco-based cybersecurity company HackerOne is the leader in Attack Resistance Management (ARM).

The company was founded in 2012 by hackers and security leaders who were passionate about making the internet safer, and it now blends the security expertise of ethical hackers with asset discovery, continuous assessment, and process enhancement to find and close gaps in the ever-evolving digital attack surface. This approach enables clients including Uber, Spotify, The United States Ministry of Defense, Goldman Sachs, GooglePlay, General Motors and Lufthansa to transform their business while staying ahead of threats.


“Vulnerability reporting and reward programs indeed require upfront investment and resources to launch,” shares Phil Venables, CISO at GooglePlay, Board Member of HackerOne, Member of the US President’s Council of Advisors on Science and Technology (PCAST) and Cyber Magazine’s Top 10 CISO.

“But that investment is made back when the risk of cybersecurity incidents, which can wreak significant monetary and reputational damage, is reduced. HackerOne’s Hacker-Powered Security Report found nearly three-quarters (70%) of its customers avoided a significant cybersecurity incident thanks to the work of ethical hackers.”

2023 results from ethical hackers 

VPN specialist Surfshark focuses on developing humanised privacy and security solutions, working to secure the digital lives of those it interacts with by challenging the cybersecurity industry’s status quo.

Analysing the HackerOne repository of security vulnerabilities reported by white-hat hackers, Surfshark found that 835 security vulnerabilities were reported across 105 websites in 2023, earning at least US$450,000 for ethical hackers. The vulnerabilities were reported by 93 ethical hackers, with 96 of the reports coming from the United States Department of Defense, and 28 from LinkedIn.

“Software vulnerabilities are not a matter of “if” but rather “when”. Considering that complex platforms may require millions of lines of code, it's inevitable that even the most advanced developers can leave some flaws behind. That’s why partnerships between companies and ethical hackers are so important”, says Agneska Sablovskaja, Research Team Lead at Surfshark.

“Once a security vulnerability becomes public, it’s only a matter of time before hackers try to take advantage of it, making the vulnerability much more dangerous than it was when it was not yet known,” comments Aleksandr Valentij, Surfshark’s Cyber Security Lead. 

“That’s why developers rush to develop patches for vulnerabilities once they’re revealed and release these patches as software updates. Setting automatic updates for all apps is an easy way to make sure you have the safest version of an app at all times.”

