Hackers Assist in Strengthening Consumer Safety by Reporting Security Weaknesses
While this may still seem
unbelievable, HackerOne, the leading hacker-powered
security platform, today revealed the outcome
of a Live Hacking event which they held in
London early in June.
For the third consecutive
year, Uber has partnered with HackerOne to bring in over 50 proven bug bounty hackers from all across the globe to thoroughly search for lapses
in security. They were to do this for a chance at earning money; a range of $500 to $50,000 for every valid finding. These awards, referred to as
“bounties”
were paid upfront in the course the
8-hour engagement;
letting hackers earn up to $375,000 for
their contributions to safety.
Bug Bounty
Manager at Uber, Lindsey Glovin, reported that working hand-in-hand with
hackers to identify and solve vulnerabilities is an essential part of
Uber’s current commitment to safety, including the security of their products. Lindsey said that their relationship with the research community is crucial to the
successful outcome of their bug bounty program and live hacking events provide them with the chance to
thank them in-person and
at the same time increase the value they
add to Uber’s security efforts.
British hacker,
Tomnomnom, who received the award for the Most
Valuable Hacker of the
event said that it was indeed an amazing day. He spoke on how the findings,
the atmosphere, and mostly the people (the entire community) is the
most supportive
and welcoming he was ever fortunate to be amongst.
Uber started
up its public bug bounty program in March
2016 and up till now,
Uber has worked with over 600 proven hackers
to uncover more than 1,100 security weaknesses, enhancing the safety of Uber’s platform. Through the duration of
the one day live hacking event, 150 bugs were noted and triaged by
Uber, summing up both immediate security improvements as well as valuable
feedback for their current
secure software development lifecycle program.
For the very
first time in London, HackerOne was the host for a mentoring track in during the Live Hacking event to tutor potential hackers to not
security weaknesses. HackerOne has a commitment to nurture and grow the varience of
its hacker community, and support potential hackers is an invaluable component in
reaching this feat.
Laurie Mercer, HackerOne Security Engineering Lead reported how essential it is to note and build diverse new hacker talent. The mentoring track assists them support the
future generation of hackers to attempt their bug hunting skills, as well as provide individualized one training and on-site mentoring to assist in introducing less
experienced hackers to the common tools and techniques. Laurie reported that this year is the first time which a mentee has found up to two bugs; confirming that starters with a fresh pair of eyes can amount to a big
difference.
The next live hacking event by HackerOne will be held in Las Vegas, USA
from the 8th to 10th of
August.
Gloss