Young Hacker Makes $1m. Legally.

A 19-year-old Argentinian has just made history as the first to earn over $1,000,000 in bounty awards on HackerOne.

Since joining HackerOne in 2015, Santiago Lopez (pictured) has reported over 1,670 valid unique vulnerabilities to companies such as Verizon Media Company, Twitter, Wordpress, Automattic, and HackerOne, as well as private programs. He consistently tops the HackerOne leaderboards, with the 91st percentile for signal, 84th percentile for impact, 2nd overall on the platform, and over 37,000+ reputation!

As a self-taught hacker, primarily using blogs and YouTube to expand his skills, Santiago shows us all that learning to hack is not reserved for the traditional classroom.

According to a recent study, 81% of hackers point to online resources and blogs as their primary source for hacking education, while just six percent have completed a formal class or certification on hacking.

Bug bounty hackers are filling a new niche that is in high demand in the booming cybersecurity job market. Organisations like Starbucks, Verizon Media, Toyota, Airbnb and even government agencies such as the US Department of Defense are working with ethical hackers to find security vulnerabilities in their systems before they can be exploited.

These organisations are increasingly relying on the hackers as another layer to keep their customers safe and many are willing to pay top dollar for these vulnerabilities. Companies pay an average of $2,000 for a critical vulnerability, with bounties as high as $100,000 for a single flaw.

Organisations and government agencies are attracted to bug bounty programs because they can work with some of the brightest minds without being geographically restricted or having to go through lengthy recruitment processes. To put this into perspective, the US saw more than 313,000 cybersecurity job openings between September 2017 and August 2018.

Hackers are now building successful careers with bug bounties. Hacking is becoming one of the most lucrative jobs in the world, earning more than physicians and architects in the US.

A physician earns an average of $195,000 and an architect earns an average of $115,000; meanwhile, the top paid hackers are earning three times that as some companies are paying out millions each year. HackerOne has a community of over 400,000 hackers.

These hackers were paid over $19 million in 2018 alone and more than $50 million in total, all in the name of making the Internet safer.

Considering all the benefits on offer, including a flexible work schedule, a great deal of autonomy, an active community to learn from and a potential to earn good money, how can you embark on a career as a hacker? The best news is that one doesn’t need to go back to school.

Many skills required to become a successful hacker can be learned online, for free or minimal cost. Anyone with the drive and high degree of curiosity can become a hacker.

So where to start?

Embarking on a career in hacking has never been more encouraged or more rewarding, both financially and personally. Even though anyone can essentially teach themselves how to hack with the tools available online today, the one skill hackers must inherently have is the ability to problem solve and a strong sense of curiosity around how technology works and how it could possibly fail us. With that, here are my top resources to learn how to hack:

The ethical hacking industry is booming and, whether you are looking for a lucrative hobby or full-time pursuit, there is no better time to embark on a career as a hacker.

Infosecurity           HackerOne:          ATV

You Might Also Read:

Ethical Hacker Guilty Of Malware Attacks:

Hackers Paid Big Money To Improve Cybersecurity:

 

 

« Israel Hits Back At Hamas Cyber Attackers
AI In Cyber Security Is Worth Almost $5B »

Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

WEBINAR: Shifting Your Network Security Architecture To The Cloud

WEBINAR: Shifting Your Network Security Architecture To The Cloud

Thursday, July 8, 2021 - In this webinar, SANS and AWS Marketplace will discuss how to adapt network security architecture and control implementation to a cloud-based model.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

SRC Secure Solutions

SRC Secure Solutions

SRC Secure Solutions is a reseller of multiplatform software solutions with which organisations can secure their data for storage and data transmission.

WebARX

WebARX

WebARX is a web application security platform, which allows digital agencies and developers to monitor, protect and maintain their websites.

DBAPPSecurity

DBAPPSecurity

DBAPPSecurity focuses on web application security and database security.

Valtori

Valtori

Government ICT Centre Valtori provides sector-independent ICT services for the central government, while taking into account the special requirements related to security and preparedness.

Stage2Data

Stage2Data

Stage2Data is one of Canada’s most trusted cloud solution providers offering hosted Backup and Disaster Recovery Services.

aDolus

aDolus

aDolus delivers a robust solution for safeguarding against counterfeit or malicious software and firmware in mission-critical systems.

Maddrix

Maddrix

Maddrix is a network security company focused on helping government, critical infrastructure, and private sector organizations protect their mission critical information.

International Association of Security Awareness Professionals (IASAP)

International Association of Security Awareness Professionals (IASAP)

IASAP provides a members-only virtual sharing platform where security awareness professionals engage in a lively, year-round exchange of information and ideas.