Ethical hacking and security through crowdsourcing
BY LIZ TREADWELL | 1 min read

Website and data security are hot topics these days. Most recently, Capital One experienced a massive breach of over 100 million customers’ records where social security numbers and other pieces of personally identifying information were exposed. Unfortunately they are not the first nor the last company that will have to face such a damaging situation.

This is where crowdsourcing can step in to help prevent against malicious attempts to breach security. “White hat” or ethical hackers are being called upon by companies of all sizes to help purposely find vulnerabilities in their website’s infrastructure. Usually in the form of a “bug bounty” or a “penetration test”, ethical hackers are asked to find weaknesses in a company’s software or website. If someone is able to report a vulnerability, there is usually a cash reward and recognition for their findings.

By using this strategy, organizations are able to gain access to thousands (if not millions) of these ethical hackers to ensure weaknesses are discovered at every level of their website. It’s much more advantageous to get many different people searching for issues than just hiring a single consulting company to do the job. There are even dedicated platforms such as BugCrowd and HackerOne who have vast communities of skilled hackers who are available to perform the vulnerability tests. 

The other benefit to crowdsourcing security testing is that you get to set the price for how much you’re wanting to pay for a reported bug or weakness. Some pay out as low as $50 per vulnerability and others can get up into the thousands for more critical ones. Remember, you always get what you pay for when it comes to crowdsourcing, so make sure you set a fair price to make sure you attract quality hackers.

Don’t be the next Equifax or Capital One, be proactive and make sure your website or software are secure by crowdsourcing your next vulnerability test.

Interested in crowdsourcing something besides security? Contact our Possibilities team to discover how HeroX can work for you.

more like this


HeroX Tips: Your Crowdsourcing Timeline

One of the biggest components of a crowdsourcing challenge is the timeline. When does your challenge open? When are submissions due? When will the wi…
1 min read

Q&A with Christian Cotichini, co-founder and CEO of HeroX 2018

Christian Cotichini has over 20 years of experience personally leading startup and high growth technology companies. He is also a successful angel in…
5 min read

HeroX Doesn’t Have An Office. Thriving while 100% Remote

The HeroX team is 100% remote with core team members operating from 3 countries and as many time zones. Sharing the secrets to our success through innovation, results only work environment, crowdsourcing, remote work culture, technology, gig economy, 3hag, 12 week plan and more.
3 min read