HackerOne on Monday released a list of the companies that have paid out the most money through their bug bounty programs.
The top 10 bug bounty programs on HackerOne are run by Verizon Media, PayPal, Uber, Intel, Twitter, GitLab, Mail.ru, GitHub, Valve and Airbnb. The ranking is based on how much they paid out from the launch of their program until April 2020, excluding awards from live hacking events.
According to HackerOne, Verizon has paid out more than $9.4 million since the launch of its program in February 2014, with a top bounty of $70,000 and an average first response time of 8 hours. It’s worth noting that Verizon was also at the top of the list last year, but by April 2019 it had only awarded roughly $1.8 million.
PayPal, which last year occupied third place, was second this year, with a total of nearly $2.8 million paid out between August 2018 and April 2020. The payments giant had an average first response time of 4 hours and its highest bounty was $30,000.
Uber dropped from second to third place, with over $2.4 million paid out since December 2014 and a top bounty of $50,000. Next in line is Intel, with nearly $1.9 million paid out since March 2017.
Twitter was in fifth place with nearly $1.3 million awarded since May 2014. The social media giant had an average response time of 12 hours and its average time to bounty was 8 days, with a maximum bounty of just over $20,000.
GitLab paid out a total of $1.2 million, followed by Mail.ru with $1.1 million. Both companies launched their programs in 2014 and both awarded a top bounty of $20,000, but GitLab has the best response time in the top 10, at one hour.
GitHub, Valve and Airbnb were all getting close to $1 million in total bounties paid out by April 2020.
“These 10 organizations are helping to spell out the truth: hackers still own the entire again today,” said Alex Rice, CTO and co-founder of HackerOne. “With software development cycles turning into increasingly valid, security teams are left playing catch up. To accommodate this rapid-paced manner, firms are in desperate need of a security contrivance that will grow and adapt at the tempo of innovation. These organizations are meeting criminals on the battlefield with hackers dedicated to doing good, discovering vulnerabilities in real time before they can be exploited.”
HackerOne reported recently that bug bounty hunters earned more than $100 million through its bug bounty platform since October 2013.
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for 2 years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.