The Problems Customers Use Ethical Hackers To Solve
Organizations work with ethical hackers to address a range of issues, including knowing unknowns, preventing breaches, meeting regulatory compliance, and helping the security budget.
“We don’t know everything that we have live so it’s a powerful tool to be able to say to the community “tell us what we don’t know.” It’s then my responsibility to find who is responsible for fixing these obscure assets.”
— Matthew Copperwaite, Senior Cyber Security Engineer, Financial Times
“If I were to build an internal team to find vulnerabilities on the same scale as HackerOne, it would be very challenging — security salaries aren’t cheap, and it would take a year to fully ramp up a team. Via HackerOne, I can get immediate access to experts who are incentivized to find the most impactful vulnerabilities. This flexibility means we haven’t had to compromise company growth for security.”
— Dmitri Lerko, Head of Engineering, loveholidays
“Our bug bounty is the last line of defense. If we’re getting reports on a product that is live, we know we should have found those issues earlier, so we focus on learning from the report and how to avoid it in the future.”
— Matthew Copperwaite, Senior Cyber Security Engineer, Financial Times
“We tell ourselves that industry certifications and cybersecurity laws can solve security, but when have certifications ever stopped incidents? Hackers are really special; if you want to catch an attacker, you need to think like an attacker, and attackers don’t think about the papers you have. When it comes to real breaches and attacks, I use real vulnerabilities to show impact.”
— Alexander Korotkov, a CISO from a global SaaS provider
To gain more insights like these firsthand, check out the next stops on the Security@ Global Tour. If you’re interested in learning more about the power of ethical hackers for your security program, contact the experts at HackerOne today.