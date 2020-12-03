Infosecurity Group Websites
Latest
News

#WebSummit: Growing Acceptance of Ethical Hacking

There should be a re-evaluation of what hacking is and how it is viewed, according to Michiel Prins, co-founder at HackerOne, speaking during the online Web Summit 2020.

“When people think of the word hacker they often think of a bad person,” he explained, adding that “for us at HackerOne, if you use your hacking skill to find vulnerabilities, and then report those vulnerabilities to the companies affected so they can fix them, that is an ethical hacker.”

He stated that those who undertake hacking for nefarious purposes should simply be labelled “criminal.”

HackerOne is a company that works with the global hacker community to uncover security vulnerabilities in organizations throughout the world. Prins revealed it now has over 2000 customers on its platform with 900,000 hackers signed up to it, who together have so far discovered around 200,000 vulnerabilities.

He explained that it was much trickier starting out back in 2012, however, with limited response from many organizations when it contacted them about security weaknesses it had uncovered. It was those companies “born on the internet” such as tech firms in Silicon Valley that were far and away the most receptive to the concept of ethical hacking.

This is now changing, according to Prins. “Over the years, we’ve seen more traditional companies start to embrace it, from big banks like Goldman Sachs all the way to government institutions like the US Department of Defense,” he said.

Working with these more conventional organizations has meant that as well as finding vulnerabilities, it is also important for an ethical hacking service such as HackerOne to help provide the solutions. Prins commented: “You definitely need a process in place that allows you to remediate vulnerabilities, and typically those have to happen fast because if you find a critical vulnerability you can’t wait a couple of weeks to start fixing it.”

He outlined that the types of vulnerabilities discovered vary significantly, ranging from gaining access to sensitive data to being able to open a bridge.

Related to This Story

What’s Hot on Infosecurity Magazine?

1
News

Delaware County Pays $500,000 Ransom After Outages

2
News

Half of Docker Hub Images Feature Critical Flaws

3
News

Carrefour Handed $3.7m GDPR Fine

4
News

Vietnamese State Hackers Deploy Coin Miners to Victims

5
News

Personal Info Available on Dark Web for as Little as 50 Cents

6
News

Criminals to Favor Ransomware and BEC Over Breaches in 2021

1
News

UK Orgs Told to Prepare for New Wave of Brexit-Related Scams

2
News

Quarter of Firms Suffered 7+ Serious Cyber-Attacks in 2020

3
News

#WebSummit: Balancing Security, Privacy and Free Speech in the Digital Age

4
News

New Law to Crack Down on Fraudulent Foreign Firms Listed in US

5
News

Philly Food Bank Loses $1m in BEC Scam

6
Opinion

Death, Destruction and Rigged Elections: The New Reality of Today’s Cyber Threats?

1
Webinar

Enabling Secure Access: Anywhere, Any Device and Any Application

2
Webinar

Insider Risk Maturity Models: Tales from the Insider Crypt

3
Webinar

Putting People First: Overcoming Human Error in Email Security

4
Webinar

Risk-Based Security for Your Organization: What You Need to Know

5
Webinar

How to Mitigate Insider Threats in the Current Technology Landscape

6
Webinar

2020 Cybersecurity Headlines in Review

1
News Feature

#IFAW2020: Fighting Back Against Rising Fraud During #COVID19

2
Blog

Solving the Global Cybersecurity Skills Gap in Two Simple Steps

3
Interview

#IFAW2020 Interview: David Britton, VP of Industry Solutions, Experian

4
Webinar

How to Mitigate Insider Threats in the Current Technology Landscape

5
Opinion

#HowTo Master Cybersecurity Training with a Third Party

6
Interview

Interview: Richard Betts and Eward Driehuis, Cybersprint