Hackers have earned $300 million in all-time rewards from HackerOne through its bug bounty program.
The company, which pairs organizations with a community of ethical hackers who look for vulnerabilities in their software, announced the milestone this week. The company noted that 30 hackers have earned over $1million for their submissions, while one has earned more than $4 million for their bug reports.
The news comes alongside the company’s 2023 Hacker-Powered Security Report, which notes that 55% of hackers think generative AI will become a top target in the coming years.
"Organizations are under pressure to adopt GenAI to stay ahead of competitors, which, in turn, is transforming the threat landscape. If you want to remain proactive about new threats, you need to learn from the experts in the trenches: hackers," said Chris Evans, HackerOne CISO and Chief Hacking Officer. "The Hacker-Powered Security Report makes clear that hackers are actively growing their skillsets to meet emerging threats. The versatility of hackers and the impact of the vulnerabilities they surface make them instrumental to how our customers anticipate and address risk.”
Google recently expanded its own bug bounty program to include generative AI.
Hackers on the platform are also particularly interested in crypto and blockchain organizations, in part because they offer the highest overall rewards for hackers. This year’s top payout from the space was $100,050.
While the group noted that AI is a growing threat, hackers also plan to use AI more in their day-to-day lives. Sixty-one percent of respondents said they would use and develop hacking tools from GenAI to help them find more vulnerabilities, and 62% said they plan to specialize in the Open
Platform
Target
Google
Software
blockchain
reports
experts
300
Chris Evans