
Hackers scored a record $40M in bug bounties in 2019





In brief: Hacking may have a negative connotation in many people's minds. Still, an increasing number of hackers are using their skills to help corporations and governments avoid SNAFUs that end up costing them billions of dollars. HackerOne's mission is to connect hackers and organizations, which are now pouring $40 million a year into bug bounties.

Hackers who leak industry secrets, like the one that divulged the Switch ahead of launch, put their freedom at great risk, but others can make a small fortune if they focus on using their skills for ethical purposes.


It might seem hard to believe, but according to an annual report from the bug bounty platform HackerOne, the so-called white hat community has been snowballing over the last few years. The organization said its base of registered hackers exceeded 600,000 in 2019, double the number it had in 2018.


To put things in perspective, HackerOne notes that in 2019, companies like Google, Goldman Sachs, IBM, Toyota, Dropbox, and General Motors paid ethical hackers a record $40 million in bounties. That amount is almost equal to the total awarded for all prior years combined.




HackerOne launched in 2012 and has since connected companies and hackers who want to find serious bugs and security flaws in exchange for a financial reward. These efforts have led to more than $82 million being awarded for a total of over 150,000 vulnerabilities. It has also encouraged companies to increase bounty amounts.


In 2018, one hacker received a $1 million bounty for his work, and there are now 146 hackers that earn $100,000 a year, which makes this look increasingly like a lucrative career path. Companies aren't the only ones interested in their skills. Governments are big customers as well. For example, the US Department of Defense has several partner programs with HackerOne, and the same is true for the European Commission and its Free and Open Source Software Auditing project.


According to a Cybersecurity Ventures analysis, cybercrime is expected to produce around $6 trillion in damages by 2021. HackerOne says many organizations could benefit from opening up to the potential benefits of ethical hacking, but 93 percent of Forbes 2000 companies don't even have a vulnerability disclosure policy in place to facilitate communication with the security community.


