Website and data security are hot topics these days. Most recently, Capital One experienced a massive breach of over 100 million customers’ records where social security numbers and other pieces of personally identifying information were exposed. Unfortunately they are not the first nor the last company that will have to face such a damaging situation.
This is where crowdsourcing can step in to help prevent against malicious attempts to breach security. “White hat” or ethical hackers are being called upon by companies of all sizes to help purposely find vulnerabilities in their website’s infrastructure. Usually in the form of a “bug bounty” or a “penetration test”, ethical hackers are asked to find weaknesses in a company’s software or website. If someone is able to report a vulnerability, there is usually a cash reward and recognition for their findings.
By using this strategy, organizations are able to gain access to thousands (if not millions) of these ethical hackers to ensure weaknesses are discovered at every level of their website. It’s much more advantageous to get many different people searching for issues than just hiring a single consulting company to do the job. There are even dedicated platforms such as BugCrowd and HackerOne who have vast communities of skilled hackers who are available to perform the vulnerability tests.
The other benefit to crowdsourcing security testing is that you get to set the price for how much you’re wanting to pay for a reported bug or weakness. Some pay out as low as $50 per vulnerability and others can get up into the thousands for more critical ones. Remember, you always get what you pay for when it comes to crowdsourcing, so make sure you set a fair price to make sure you attract quality hackers.
Don’t be the next Equifax or Capital One, be proactive and make sure your website or software are secure by crowdsourcing your next vulnerability test.
Interested in crowdsourcing something besides security? Contact our Possibilities team to discover how HeroX can work for you.