More than 600,000 hackers on the platform are helping find bugs and vulnerabilities.
When Capital One discovered a data breach in July 2019 that exposed credit card and application data of more than 100 million people, the revelation came courtesy of a hacker—a benevolent one. He was working on behalf of HackerOne, a company that connects businesses and government agencies with a network of 600,000 hackers who test systems in exchange for payment and clout. While traditional cybersecurity efforts are centered around building hacker-proof software, CEO Mårten Mickos says vulnerabilities are inevitable: “It’s better to know than not to know.” Last year, the company (which has doled out more than $80 million in rewards to cybersleuths since 2012, about half of that in the past year) introduced HackerOne Clear, a program that vets hackers for sensitive projects and allows companies to require nondisclosure agreements for such work. New clients in 2019 include Alibaba, AT&T, Hyatt, and Priceline, and four out of the top 10 banks in the United States (including Goldman Sachs) are now running hacker-powered security programs on the platform.