Google’s highest priority is to keep its customers safe, shelling up to $100,000 for a single vulnerability report. Though there are several hackers who’ve assisted Google in filtering its Play Store from malware and bugs, one startup, in particular, caught my attention. Introducing HackerOne- a bug bounty program management site for vulnerability coordination and making the internet a safer place. The venture-backed startup is headquartered in San Francisco and resolves security issues for leading tech giants like Google.
The minds behind this startup include Jobert Abma, the 25-year-old hacker from the Netherlands and his best friend, Michiel Prins. Their journey together started when Abma as a graduation gift handed the username and password to a local TV station that broadcasted regular news about the school. The authorities weren’t very happy when these two young minds hacked into their system and ran their own broadcast on Live TV. The turning point came in their first year of Hanze University of Applied Sciences in the Netherlands where the duo spotted an access point in the school’s software- used to manage homework assignments and grades. They instantly reported the issue to the software vendor, but when he didn’t give a response, the pair reported the matter to the University. The school immediately fixed the problem and hired the pair to conduct a bigger vulnerability test on that university software. Once they started getting contracts from big banking and insurance companies in the Netherlands, the pair knew their mission. They moved to San Francisco and cofounded HackerOne along with Alex Rice, the former head of product security at Facebook. The company has an army of hackers who detect bugs before the dark web, each detected bug comes at a price and the company takes 20 percent cut. Its clientele includes Department of Defense, GM, Slack, Twitter, Yahoo, and Uber.
Most companies pay between $500 and $1,000 per qualified hole found. HackerOne has gathered 500 customers raising$34 million in funding. The company has about 50 employees and paid out $6 million in bounties in February and up to $7 million by April. In the last 8 months, Abma has made an extra $80,000 on bug bounties. Some hackers, the best of the lot that can detect the nastiest bug are making $200,000 a year. Do you want to become a bug bounty hunter?