When you put something online on the internet you are automatically a target for hackers. They scan entire IP ranges to search for specific vulnerabilities and you might have one of them. Before you know it your infrastructure is part of a botnet that is used to DDOS banks or they downloaded your database and are selling it on the internet.
So how do you prevent this? Easy! Invite ethical hackers to hack you. Zerocopter promotes this way of hacking. We think that the only way to defeat an army of bad hackers is by fighting it with a worldwide army of good hackers.
We call these good hackers “researchers”. Researchers are people who like to break into systems but who do it for the good. They ethically report vulnerabilities to you.
So how do you motivate a group of researchers to get you hacked?
Bug bounty programs! Setting up a bug bounty program allows you to reward researchers for finding unknown vulnerabilities in your application(s). At Zerocopter we manage these kind of reward programs and have created a very talented pool of researchers. You can choose how many researchers you want and reward the researchers with a fixed reward per category, “When you find A you get B as a reward”. So, no cure, no pay!
The benefits of these programs have been proven. They are cheaper and result in finding more unknown vulnerabilities than a regular pentest. Moreover, the Zerocopter platform helps you to have a clear overview of all the vulnerabilities, known and unknown, available in your own dashboard for everybody involved in online security in your organisation.
Prevent your application(s) from being hacked, start your own researcher program!
Don’t let vulnerabilities become your weakness: implement a Coordinated Vulnerability Disclosure program
Written by Zerocopter
September 21, 2016
Share this blog: