Hacking The Planet – Hack The World 2017 Recap


After 1 month of our community’s best and brightest going head to head to be named Hack The World 2017 champion, we are ready to share the winners of the annual contest. We also want to share some lessons learned, and give each of you the opportunity to share feedback with us so that we can improve on future contests.

Award winners

Drum roll please… Congratulations to nullelite, the winner of Hack The World 2017!

They will be receiving:

  • Hack The World 2017 Championship Belt

  • DJI Spark Palm launch, Intelligent Portable Mini Drone

  • Limited edition swag

  • Promotion as winner of Hack The World proudly on our website as well as on a plaque in the HackerOne office in San Francisco alongside our 2016 winners, attacker911 and whhackersbr

belt

Congratulations to the top 100 hackers from Hack The World 2017, as well. They each will be receiving a special Hack The World 2017 swag pack.  

stats

For every hacker who submitted a valid vulnerability during the competition (over 700 of you!), we will be sending you a limited edition Hack The World 2017 challenge coin.  

We will reach out directly to all prize eligible hackers before the end of the year to retrieve swag sizes and shipping addresses.

Sponsored Program Winners

Congratulations to the following special award winners!

Uber

  • Notnaffy won the $20,000 bonus for the most impactful bug sent to Uber during Hack The World 2017

  • Nullelite and malcolmx will be receiving $5,000 bonuses for finishing in the top 2 of the competition.

Mapbox

  • Congratulations to geeknik for winning the top report sent to Mapbox for Hack The World 2017

  • Congratulations to wangela and sahilsaif for earning honorable mentions for their reports to Mapbox.

You can read more about Mapbox’s participation in Hack The World 2017 in their blog post from this week.

Airbnb

  • The following hackers will be receiving special swag from Airbnb for submitting high impact and well written reports to them during Hack The World 2017

Private Programs

The following hackers received awards from private programs that participated in Hack The World 2017. Congratulations!

As more companies continue to announce their special prizes, we will update this blog to ensure our hackers receive proper recognition for their accomplishments.

Continuous Learning and Improving

As you know, it’s more than just about reputation here at HackerOne. Arguably your signal as a hacker is the most important metric we track. Our intention for the scoring for Hack The World 2017 was to try to reward hackers for quality of their reports, not just their quantity of reports. So we added “bonus streak” points for consistently reporting valid vulnerabilities. These bonuses were applied to hackers who achieved them and are reflected in the leaderboard.

The following point bonuses were awarded for hackers who hit the following report milestones during the competition:

  • Reported more than 10 valid issues without a single “informative”, N/A or Spam: 250 points

  • Reported more than 15 valid issues without a single “informative”, N/A or Spam: 500 points

  • Reported more than 20 valid issues without a single “informative”, N/A or Spam: 750 points

Admittedly we didn’t communicate this as clearly as we could have and we apologize for that and will do better next time!

Please send us your feedback

The only way we can continually improve events like Hack The World is by hearing from you, our amazing community.

We would love to hear about what you liked about Hack The World 2017, what you disliked, and any suggestions that you have.

If you would like to share feedback on Hack The World 2017, please email us at hacktheworld@hackerone.com.

Until next year.

Happy hacking!

 


HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.



Source link