CA-HACKERONE
HackerOne, the leading bug bounty and vulnerability disclosure platform provider, today published “The 2017 Hacker-Powered Security Report” that examines over 800 hacker-powered programs from organizations including Airbnb, GitHub, General Motors, Intel, Lufthansa, Nintendo, U.S. Department of Defense, Uber, and more. Findings are based on nearly 50,000 resolved security vulnerabilities and more than $17 million in bounties awarded -- the world’s largest platform dataset.
With data breaches averaging $4 million in losses globally and the downtime caused by attacks like WannaCry costing upwards of $8 billion, the most security-conscious organizations are working with hackers to find unknown vulnerabilities. Hacker-powered security provides a way to identify high-value vulnerabilities faster, leveraging the creativity of the world’s largest ethical hacker community. The report data reveals that hackers are finding severe vulnerabilities and getting paid for it, with 32 percent of resolved vulnerabilities classified as high to critical severity, and top rewards reaching $30,000 USD for a single report.
Hackers in over 90 countries are earning bounty rewards. The most competitive organizations are awarding hackers nearly $900,000 USD a year, with critical vulnerabilities earning $1,923 on average. In the past 12 months, 88 individual bug bounty rewards were over $10,000 USD.
“Hacker-powered security programs are undeniably effective at finding vulnerabilities organizations never knew existed,” said Alex Rice, CTO and founder, HackerOne. “The report showcases the success of these programs and the diverse capabilities of the global hacker community, with nearly 50,000 security vulnerabilities resolved.”
The 2017 Hacker-Powered Security Report Key Findings:
- Bug bounties aren’t just for technology companies. While over half of bug bounty programs launched in 2016 were by technology companies, 41 percent were from other industries. Verticals showing significant year-over-year growth include government agencies, like the U.S. Department of Defense, media and entertainment, financial services and banking, and ecommerce and retail.
- Customers’ security response efficiency is improving: The average time to first response for security issues is 6 days in 2017, compared to 7 days in 2016. Ecommerce and retail organizations fix security issues in four weeks, the fastest on average.
- Responsive programs attract top hackers. Programs that are the fastest at acknowledging, validating, and resolving submitted vulnerabilities are the most attractive to hackers. Loyalty matters — repeat hackers are to thank for the majority of valid reports.
- Bounty payments are increasing. The average bounty paid to hackers for a critical vulnerability is $1,923 in 2017, compared to $1,624 in 2015 — an increase of 16 percent. The top performing bug bounty programs award hackers an average of $50,000 USD a month, with some paying around $900,000 a year.
- Vulnerability disclosure policies. Despite increased bug bounty program adoption and recommendations from federal agencies, 94 percent of the top publicly-traded companies still do not have known vulnerability disclosure policies — unchanged from 2015.
The most authoritative report on bug bounties and hacker-powered security
The 2017 Hacker-Powered Security Report examines data collected from over 800 bug bounty and vulnerability disclosure programs around the world. The report includes analysis of nearly 50,000 vulnerabilities resolved from over 13 industries, plus insight from more than 600 customers and over 100,000 registered hackers. HackerOne also analyzed vulnerability disclosure policy data from the Forbes Global 2000 to better understand hacker-powered security adoption. The 2017 Hacker-Powered Security Report is based on the most comprehensive platform dataset, and it provides insight into the adoption rate of bug bounties, pricing strategies, hacker motivations, and more.
The full report is available at: https://www.hackerone.com/resources/hacker-powered-security-report
About HackerOne
HackerOne is the #1 hacker-powered security platform, connecting organizations with the world’s largest community of trusted hackers. More than 800 organizations, including the U.S. Department of Defense, General Motors, Uber, Twitter, GitHub, Nintendo, Kaspersky Lab, Panasonic Avionics, Qualcomm, Square, Starbucks, Dropbox and the CERT Coordination Center trust HackerOne to find critical software vulnerabilities before criminals can exploit them. HackerOne customers have resolved nearly 50,000 vulnerabilities and awarded more than $17M in bug bounties. HackerOne is headquartered in San Francisco with offices in London and the Netherlands.
View source version on businesswire.com: http://www.businesswire.com/news/home/20170627005599/en/
Contact:
HackerOne
Lauren Koszarek
lauren@hackerone.com
or
Bateman Group
Margaret Pack, 619-609-3919
hackerone@bateman-group.com