Contrary to common belief, ethical hackers can actually make money by identifying security vulnerabilities in a lawful manner. At a recent Zeroday Cloud hacking event, ethical hackers received a total of $320,000 for identifying 11 significant security vulnerabilities.
What Is Zeroday Cloud?
Zeroday Cloud hosts legal hacking events where they offer security experts/consultants the opportunity to identify weaknesses in their cloud systems through legal means. Rather than using their skills to commit illegal acts, ethical hackers assist companies in identifying, resolving, and fixing security vulnerabilities early in the product life cycle.
I find the whole concept of ethical hacking extremely important, as it allows these companies to benefit from the expertise of some very talented individuals while at the same time obtaining a level of protection for their product.
What Were The Findings By The Ethical Hackers?
During the course of this event, ethical hackers discovered eleven zero-day vulnerabilities. A zero-day vulnerability is defined as one that:
a) Was not known to exist before,
b) Has no available patch as of yet, and
c) Could potentially be exploited by criminals had they identified it.
Here’s what stood out:
- 11 major issues were discovered
- Researchers received $320,000 in reward
- Those issues impacted "Cloud" services provided by real vendors
- Some of the bugs provided deep access to the underlying infrastructure
Why Is This Significant?
So why would we want to pay so much money to hackers? Simple. It costs far less to fix something before it has caused damage than after damage has occurred.
Companies that have ignored security issues will often regret it later, especially when they are faced with a costly security breach. With this approach, Zeroday Cloud takes a smarter way to handle such situations by:
- Fairly compensating security researchers for their time and effort
- Addressing issues as soon as they arise
- Reducing the possibility of data breaches
How Does This Impact Cloud Security?
The cloud is a daily presence for many businesses today, and attackers are always looking for the next weak spot. This event clearly illustrates that even the most secure infrastructures may have hidden vulnerabilities.
In summary, $320,000 for 11 security bugs may sound irrationally high; however, being able to stop an attack before it occurs is an intelligent investment on behalf of Zeroday Cloud. It also makes you wonder: what other hidden bugs still exist?