It's been a vintage year for bug bounty hunters, says HackerOne as it boasts of $40m+ passing through its treasure chests
2020-09-22 21:06

Bounty-hunting hackers are uncovering new vulnerabilities every two minutes on average, according to bug bounty platform HackerOne.

Mickos rejected the idea that ethical hackers deprived of a legitimate bug bounty market would instead sell newly discovered vulnerabilities to black hats for exploitation, saying: "If we didn't organise this program, the vulnerabilities would not be sold to criminals."

Industry sectors showing greater interest in setting up bug bounty programmes through HackerOne included hardware, consumer goods vendors, education, and healthcare.

British companies paid out $560,000 over the last year through HackerOne, and UK-based hackers recouped around $1m. The US led the platform's spending by far with $39m passing through its coffers, and US hackers receiving $7m in bounty payouts.

The COVID-19 pandemic had an impact on bug bounty hunting, with Mickos acknowledging "an increase in activity of ethical hacking" in the early part of 2020: "We saw more hackers signing up and submitting vulnerabilities than before. And the difference was enough to give us reason to believe it was COVID causing it."


News URL

https://go.theregister.com/feed/www.theregister.com/2020/09/22/hackerone_hacker_powered_security_report/