In the hacker world, there are three kinds of people: white hats (hackers), gray hats (hackers) and black hats (hackers). Among them, white hat hackers, namely White Hat Hacker, also known as white hat, they use their own hacking techniques to maintain the fairness and justice of network relations, and test the performance of networks and systems. In the Internet world, white hat hackers are playing their active role. In fact, Apple co-founder Stephen Wozniak, the father of the Internet Berners Lee and the father of Linux Linus Torvalds are all white hat hackers. Using their technical knowledge, white hat hackers can not only maintain fairness and justice in the online world, but also earn millions of dollars and even achieve financial freedom.
6 Amazing White Hat Hackers
The HackerOne platform recently announced that so far, 6 registered white hat hackers on its platform have earned more than $1 million in bug bounties.
It is reported that HackerOne is a third-party vulnerability testing platform, and its customers include General Motors, Goldman Sachs, Google, Intel, Microsoft, Spotify, Starbucks, Twitter and even the US Department of Defense. Its purpose is to use the power of registered white hat hackers to find and block vulnerabilities before malicious attackers exploit them. In this process, white hat hackers obtain bounties from manufacturers by discovering vulnerabilities.
In March 2019, Santiago Lopez became the first white hat hacker to earn more than $1 million through the HackerOne platform.
The HackerOne platform said, “Right now, Mark Litchfield (@mlitchfield) from the UK, Nathaniel Wakelam (@nnwakelam) from Australia, Frans Rosen from Sweden (@fransrosen), Ron Chan from Hong Kong (@ngalog) and DeVoss from the US (@dawgyg) Improve internet security by digging bugs and join the Million Dollar Hacking Club.” Since the platform connects penetration testers, security researchers and businesses around the world, six registrants have gained over 1 million Dollar bonus.
Once the matter was announced, many netizens greeted congratulations on Twitter. Some netizens said, "Congratulations, I hope Africa will soon have the first millionaire white hat hacker." Some netizens said, "Africa is rising, and we will bring them bounties." "If in Africa It would be great to hold offline hacking events. Egypt is definitely a good place to start, because they have a fairly large hacker community there." Netizen Yassineaboukir said.
$62 million bounty
It is reported that through the HackerOne platform, hackers will receive monetary rewards every time they report security vulnerabilities in the software of organizations with bug bounty programs on the platform.
" Every 5 minutes, a hacker reports 1 vulnerability. Every 60 seconds, a hacker works with an organization on the HackerOne platform," HackerOne said. Over 1,000 interactions on the platform.”
Six of the ten top banks in North America are working with HackerOne.
The HackerOne 2019 Hacker Support Security Report released the findings of a survey based on more than 123,000 resolved security issues. Investigative reports reveal that $62 million in bounties for more than 1,400 client projects were paid out to hackers from more than 150 countries, suggesting that more serious vulnerabilities are being discovered now than ever before.
In the past year alone, more than 25% of the vulnerabilities discovered were classified as critical vulnerabilities, and the larger the bounty, the more serious the vulnerability, and the white hat hackers can get bigger and bigger rewards.
1-year bonus up to $21 million
The average critical bug bounty paid to a researcher increased by 48% to $3,384 from the median for all relevant industries last year, up from $2,281 and up 71% from the 2016 average of $1,977.
According to HackerOne, " Currently the most competitive programs, such as Google, Microsoft, Apple, and Intel, offer individual bounties of up to $1.5 million for critical bugs. "
Overall, security researchers who reported vulnerabilities through the HackerOne bug bounty program received $21 million in bounties over the past year, an increase of $10 million over the previous year.
Meet these 6 millionaire white hat hackers
Santiago Lopez—19-year-old first million-bounty white hat hacker
Lopez is a 19-year-old white hat hacker named @try_to_hack from Argentina who has been a member of the HackerOne platform since 2015.
Santiago Lopez said: "When I started Hacking, I had no concept of making money. Of course, now I feel that my efforts are recognized, which is very proud. Not because of money, but this achievement represents people and companies paying more attention to It's unbelievably safe."
Santiago Lopez got started in the security industry by watching hacker movies when he was a teenager. In 2015, he registered as a white hat on the HackerOne platform, only then did he realize that he could make money by using his technology to find vulnerabilities. Lopez revealed that he himself is completely self-taught, and all his learning comes from the Internet, online courses and reading books.
As of now, he has found a total of 1676 security vulnerabilities, such as Twitter, HackerOne, Automattic, Verizon and private companies, and even the US government. It can be described as a remarkable achievement.
Mark Litchfield (@mlitchfield) - Vulnerability Crowdtesting Industry Veteran
Mark Litchfield is from the UK and is honored by HackerOne as a veteran of the bug testing industry.
In 1999, he was selling computers on a high street in Scotland, a small operation that made little money. Later, through the introduction of his brother David who is engaged in security work, he learned a Windows Server NT4 course. Three days later, he went to London and started to work in security.
"Hackers can open doors for anyone with a laptop and a curiosity about how to break things," says Mark Litchfield (@mlitchfield), a newly promoted white hat hacker in the UK. "I hope our achievements will inspire other white hat hackers , young and old, test their skills and be part of a supportive community that makes the Internet a safer place."
Mark Litchfield (@mlitchfield) has discovered hundreds of software vulnerabilities from some well-known companies, including Dropbox, Yelp, Venmo, Starbucks, Shopify, and Rockstar Games.
Frans Rosen (@fransrosen) - Top White Hat Hacker with CEO Talent
Frans Rosen is a Swedish technology entrepreneur, bug bounty hunter, and knowledge advisor to Detectify. Not only has he successfully run his own cybersecurity company, but he has also served as CEO, CTO and board member for several security companies.
It is reported that he is a frequent blogger of Detectify Labs and a top participant of the bug bounty program on the HackerOne platform. He ranks second on HackerOne's list of top 10 well-known bug bounty hunters.
Also, his security research has been featured in numerous international publications including Observer, BBC, Ars Technica and SC Magazine.
Frans Rosen has always believed in a point of view: Hacking should serve humanity and should give back to the hacker community. As such, he often donates his bug bounties to charity as well.
Nathaniel Wakelam (@nnwakelam) - long-time top 3 HackerOne platform
Nathaniel Wakelam is 24 years old, from Australia, also known as Naffy.
He said, “Bug bounties gave me opportunities I never expected. When I started, the industry was in its infancy, with only a handful of companies inviting hackers to find and share bugs. Six years later, the industry has changed dramatically. Bug bounties allow me to work flexibly around the world, connect with people in the industry I respect, and earn a good income in life. I am very happy to be among the first to reach this milestone."
According to HackerOne, Nathaniel will not stay in one place for more than 30 days. Currently, he often lives in various parts of Thailand. When he is not doing bug testing, Nathaniel will travel and attend various parties.
Nathaniel discovered the first vulnerability when he was in elementary school, and later discovered more than 700 vulnerabilities. This deep knowledge has kept him in the top three positions on the HackerOne leaderboard.
Ron Chan (@ngalog) - brilliant young white hat hacker
Ron Chan is 28 years old, from Hong Kong, China, and he is keen on discovering some complex intrusion testing techniques (big tech). Using these techniques, he discovered multiple critical vulnerabilities in Airbnb, GitLab, PayPal, and Uber.
If you are as good as Ron Chan, you can also earn $75,000 in one month in July 2019.
He said, "When I first tried my attack, I didn't think I was going to be successful. I saw names like 'Frans' and 'Mark' popping up at the top of the charts week after week, never before. Thought I'd be able to meet them or work with them. It's awesome. It's a great moment to hit the $1 million milestone."
Tommy DeVoss (@dawgyg) - The Lost White Hat Hacker
Tommy DeVoss, a 35-year-old from the United States, once lost his way and made mistakes in the hacking path. In 2000, he was convicted of stealing AOL accounts to hack into military systems. After getting out of prison, DeVoss started from an IT job and slowly changed himself. Later, he discovered that it is possible to make money through the HackerOne platform and it is completely legal. During the H1-702 competition, DeVoss received a bounty of $130,000 for discovering the bug.
at last
Statistics show that there is currently a gap of 1.4 million cyber security talents in China...
Whether you are a cyber security enthusiast or a practitioner with certain work experience,
whether you are a fresh graduate or a professional who wants to change jobs ,
you all need this job. super super comprehensive information
almostBeats 90% of self-study materials on the market
And covers the entire network security learning category
to bookmark it!It will definitely help your study!
Friends, if you need a full set of network security introduction + advanced learning resource package, you can click to get it for free (if you encounter problems with scanning codes, you can leave a message in the comment area to get it) ~
CSDN spree: "Hacker & Network Security Introduction & Advanced Learning Resource Pack" free sharing
1. A full set of toolkits and source codes necessary for network security
2. Video Tutorial
Although there are a lot of learning resources on the Internet, they are basically incomplete. This is the online security video tutorial I recorded myself. I have supporting video explanations for every knowledge point on the road map.
3. Technical documents and e-books
The technical documents are also compiled by myself, including my experience and technical points of participating in the network protection operation, CTF and digging SRC vulnerabilities.
I have also collected more than 200 e-books on Internet security, basically I have popular and classic ones, and I can also share them.
4. NISP, CISP and other certificate preparation packages
5. Information security engineer exam preparation spree
6. Interview questions for network security companies
The interview questions about cyber security that have been sorted out in the past few years, if you are looking for a job in cyber security, they will definitely help you a lot.
Friends, if you need a full set of network security introduction + advanced learning resource package, you can click to get it for free (if you encounter problems with scanning codes, you can leave a message in the comment area to get it)~
CSDN spree: "Hacker & Network Security Introduction & Advanced Learning Resource Pack" free sharing