Meet the hackers powering the world's best bug bounty programs

Post on 15-Apr-2017


MEET THE HACKERS POWERING THE WORLD’S BEST BUG BOUNTY PROGRAMS

Adam Bacchus, Chief Bounty Officer

Lauren Koszarek, Dir. of Communications

Adam Bacchus serves as Chief Bounty Officer at HackerOne. Previously Adam was a member of Snapchat’s security team. Before Snapchat, Adam was on Google’s security team where he helped run Google’s penetration testing and bug bounty programs. Adam’s previous experience includes four years of security consulting, primarily in application and network pentesting.

@sushihack

Lauren Koszarek is the Director of Communication at HackerOne. Previously Lauren was a Security Communications Strategist for Blackberry. Lauren has experience driving proactive and reactive communications for brands including Microsoft Trustworthy Computing, T-Mobile and HTC, among others.

@LKozz

Adam Bacchus

Lauren Koszarek

Today’s Agenda

● Hacking scalability
● Hacker survey data
● Hacker profiles
● 4 Reasons to work with hackers
● Q&A

Bug Bounty 101

HackerOne is the world’s #1 bug bounty platform

Strength in Numbers

Not even the strongest or most skilled organizations have the headcount and capacity to avert system vulnerabilities on their own.

Strength in Numbers

Security experts in your organization


Security experts among all your vendors and contractors


80,000+ white hat hackers on HackerOne

Strength in Numbers

80,000 hackers strong

$10,000,000+ earned in bounties

32,000+ vulnerabilities resolved

600+ customers

Who Are These Hackers?

/ha–ker/: One who enjoys the intellectual challenge of creatively overcoming limitations. - MIT

Hackers ARE: Problem-solvers, Curious, Technically skilled, Diverse in background and education

Hackers are NOT: Criminals. Using their skills for a malicious purpose


Where in the world?


Not all hackers are created equal

Hacker Profiles

Hacker Profile : meals

Sean Melia | 26 years old | U.S.A.

● Pentesting 4+ years
● Bug bounties 2+ years
● Found 570+ bugs

“Bug bounties have changed my life significantly. I've been able to purchase a house as well as go on trips and purchase nice gifts for my family and girlfriend.”

Hacker Profile : nnwakelam

Nathaniel Wakelam | 21 years old | Australia

● Self-taught bug hunter
● Bug bounties 3+ years
● Helped GM, Snapchat, Yahoo, Uber and Adobe find 372+ bugs
● Uses bounties to fund his charity

Hackers helping hackers

‘Bug bounties have given me cash money, skills, sent me around the world, and I've forged some lifelong friendships due to taking part in them’

Hacker Profile : mlitchfield

Mark Litchfield | U.S.A.

● Hacking since ‘99
● 1st hacker to earn $500k+ on H1
● Helped Dropbox, Uber, Shopify and many more resolve 450+ bugs

Mark chooses which bug bounty programs to work on based on “How well do they respond, how quick do they fix / pay.”

4 reasons to work with hackers

1. Hackers Gonna Hack

2. Enhanced Public Image

3. “Always On” vs. “Point in Time”

4. Find and Improve Gaps in SDLC

Questions?

sales@hackerone.com

Thank you!

sales@hackerone.com