Karl`s PC Help Forums Last active: Never
Not logged in [Login ]
Go To Bottom

In memory of Karl Davis, founder of this board, who made his final journey 12th June 2007

Printable Version | Subscribe | Add to Favourites   Post new thread Poll:
Author: Subject: The Market For Those Who Get Rich For Finding Software Vulnerabilities
Custom User Title

Posts: 2022
Registered: 21-4-2007
Theme: KF Blue (Default)
Member Is Offline

Mood: No Mood

[*] Post 499054 posted on 31-10-2015 at 17:28 Reply With Quote
The Market For Those Who Get Rich For Finding Software Vulnerabilities

Christian Science Monitor Article

Full Story URL (10/30/15): http://www.csmonitor.com/World/Passcode/2015/1030/Glitches-to-riches-The-hackers-who-make-a-killing-off-software-flaws
Reminder: Online versions of hard copy newspapers archive their stories soon after publication; so if my URL doesn't lead to the story, do a search on the website and you will find it.

Article Story Line: Glitches To Riches: The Hackers Who Make A [financial payment type] Killing Off Software Flaws

Summary (it's a lengthy article): Selling information about software vulnerabilities was a quirky idea a decade ago. But today there's a global vulnerability marketplace where the world's top bug bounty hunters can reap handsome rewards.

In the past decade, a growing, global marketplace for software vulnerabilities has transformed a talent for sniffing out security holes in software from a resume bullet point to something....that is.... a rare skill that commands a high price. But with everything from software publishers to spy agencies and shadowy cyberarms dealers competing for prized vulnerabilities...

The bug kings: "Itís like finding a gold nugget," says Mark Litchfield, a security researcher who has become one of the most successful and celebrated discoverers of software vulnerabilities.

Mr. Litchfield hit pay dirt last September when he found 48 vulnerabilities affecting a leading website.....The collection of bugs netted him more than $63,000 in payouts through the companyís legitimate bug bounty program....The company paid those rewards through HackerOne, one of a handful of startups with online marketplaces that connect companies in search of security talent with independent researchers in search of payouts.

HackerOne and similar sites act as middlemen, providing an easy-to-use platform for soliciting information on vulnerabilities and paying researchers for what they find, then taking a small cut....

Me Here: for those on this forum who are in need of some extra cash, etc., etc., etc.,...... It certainly doesn't appear that the market for these folks is going to dry up anytime soon.
View User's Profile View All Posts By User
Anything you like


Posts: 7826
Registered: 23-7-2002
Theme: Coffee
Member Is Offline

Mood: Fintlewoodlewix.

[*] Post 499058 posted on 31-10-2015 at 20:04 Reply With Quote

It takes a thief to catch a thief...
View User's Profile View All Posts By User
Post new thread Poll:

Guest Notice
You are a guest, as a guest you can only see a maximum of 3 posts per thread.

If you want to see the rest, please click here to register.