White hat hackers “are in very high demand,” says PwC’s director of cyber investigation and breach response, in a New York Post article titled “Companies are paying millions to get hacked — on purpose.” An anonymous reader quotes their report:
HackerOne, a San Francisco-based “vulnerability coordination and bug bounty platform,” reports that it has some 800 corporate customers who paid out more than $15 million in bonuses to white-hat hackers since its founding in 2012. Most of that bounty was paid in the past two years, as companies have become more aware of their cyber vulnerabilities. Clients that have used the platform include General Motors, Uber, Twitter, Starbucks and even the US Department of Defense.
Google paid $3 million last year through its own bounty program, according to HackerOne’s CEO Marten Mickos, who touts his company’s “turn-key” solution — a platform which now offers the services of 100,000 ethical (and vetted) hackers. “With a diverse group, all types of vulnerabilities can be found,” Mickos told TechRepublic. “This is a corollary to the ‘given enough eyeballs’ wisdom… they find them faster than other solutions, the hunting is ongoing and not happening at just one time, and the cost is a tenth of what it would be with other methods.” And one of the platform’s white hat hackers has already earned over $600,000 in just two years.