The ethical hacking community has earned $300 million in total all-time rewards on the HackerOne platform. In addition, thirty hackers have made over a million dollars on the network; one hacker’s total profits have surpassed four million dollars.
Through ongoing adversarial testing, HackerOne identifies the most important flaws in an organization’s attack surface to defeat hackers. The platform offers bug bounty programs to both public and commercial entities, including governmental bodies.
Generative AI Will Become A Major Focus
As per the recently published 2023 Hacker-Powered Security Report, the field of generative artificial intelligence (GenAI) has grown rapidly in the last 12 years.
For 14% of hackers, it has grown to be a crucial tool, and 61% said they intend to utilize and create hacking tools that employ GenAI to uncover new vulnerabilities.
Moreover, according to 55% of hackers, GenAI technologies themselves will grow to be a significant target in the upcoming years.
Organizations in the cryptocurrency and blockchain sector continue to witness significant program participation; they give out the highest average total prizes for hackers and provide the top payment of $100,050 for the year.
“Organizations are under pressure to adopt GenAI to stay ahead of competitors, which, in turn, is transforming the threat landscape. If you want to remain proactive about new threats, you need to learn from the experts in the trenches: hackers,” said Chris Evans, HackerOne CISO and Chief Hacking Officer.
“The Hacker-Powered Security Report makes clear that hackers are actively growing their skillsets to meet emerging threats. The versatility of hackers and the impact of the vulnerabilities they surface make them instrumental to how our customers anticipate and address risk.”
Hackers identified a lack of internal skill and knowledge as the primary obstacle facing organizations, and they are addressing this shortcoming: According to 70% of clients, hacker activities have prevented a serious cyber crisis for them.
Reports also stated that exploited vulnerabilities pose a greater danger to their organizations than nation-state actors (10%), insider threats (12%), and phishing (22%).
The average remediation time across the platform decreased by 10 days in 2023, indicating that customers are becoming proficient at addressing vulnerabilities.
According to HackerOne, the total amount of time needed for remediation has grown from 35 to 37 days. With a median remediation time of 148.3 days, aviation and aerospace industries were the slowest to patch, followed by medical technology organizations at 73.9 days.
Blockchain and cryptocurrency companies addressed issues the fastest, taking 11.6 days.
“A limited scope puts off 50% of hackers, but slow response time and poor communication are the issues that are most likely to prevent a hacker from reporting a vulnerability”, reads the report.
For hackers, “Pentesting” and “Secure Code Review” are two new career paths that are developing and increasing overall payouts. On the HackerOne platform, these operations had a 54% increase in 2023.
Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Try a free trial to ensure 100% security.