HackerOne’s Bug Bounties Skyrocketed To $40 Million in 2019

Bug bounty platform HackerOne paid out $40 million in bounties in 2019, roughly equal to the total for all previous years combined. From a report: Moreover, the company announced that its community almost doubled in the past year to 600,000 registered hackers. The announcement comes as the cybersecurity industry struggles with a workforce shortage, which is in turn compounded by growing cyberattacks that could cost the industry $6 trillion by 2021. As companies invest significant resources in battling external threats, HackerOne aims to pay good actors to find bugs before bad actors enter the fray, reducing the need for costly remediation measures further down the line.

Founded in 2012, HackerOne essentially connects companies with security researchers, or “white hat hackers,” who receive cash incentives to find and report software vulnerabilities. The San Francisco-based company has raised north of $100 million since its inception, including a $36.4 million tranche a few months back, and has paid out $82 million in bounties since its inception. According to HackerOne, U.S.-based hackers earned 19% of all bounties in 2019, followed by hackers in India (10%), Russia (8%), China (7%), Germany (5%), and Canada (4%). These figures were released as part of HackerOne’s annual hacker report, which included a survey of 3,150 hackers.