Bug Bounty Bonanza: 835 Reports, $450K Rewards in 2023 - Surfshark Reveals Impactful Statistics

Ever heard of bug bounty programs? These initiatives invite individuals to spot and report security flaws in digital spaces, benefiting companies by allowing them to fix issues before they escalate. Those who identify and report these flaws are often referred to as ethical or white-hat hackers. Their role is crucial in creating a safer online environment, and in return, they receive rewards from major companies for their efforts. Recently, researchers at Surfshark shared some intriguing statistics about bug bounty programs.

In 2023, hackers reported 835 software security threats to 105 companies and were given $450,000 for their help. Of the 93 ethical hacking experts who reported these flaws, the top 5 gained 20% of the total rewards. The most security threats were reported about the United States Department of Defense, with 96% reports that make up 10% of total reports in 2023. Two of the biggest issues reported concerned website configuration: one automatically gave permission for admin access, and the second involved a default password. These flaws enabled users to upload and delete their files, change privileges, and delete users’ accounts.

A bug bounty program managed by HackerOne that researches and protects open-source software projects received 86 reports in 2023 and gave $121,000. Other platforms, including GitHub and GitLab, gave 30,000 and 23,000 to those hackers respectively. Through these bug bounty programs, LinkedIn received reports of a total of 28 security threats, and it is now ranked as the fifth platform with these threats. Two of the biggest flaws reported on LinkedIn were related to improper disclosure of information.
