Google, Apple and the Pentagon use ethical hacker services to increase their security. Why should you do the same?
Small and medium-sized enterprises are the most common targets of cyber attacks. In 2015, 74% of all small and medium-sized businesses had at least one vulnerability or shortcoming in their online systems, and up to 38% of smaller companies were actually attacked by cybercriminals. In 2016, the average cost of repairing the damage after a cyber attack on a small or medium-sized company was €86,000.
Our survey from last year revealed a disturbing fact: up to 48% of Slovak and Czech companies doing business online do not care about the security of their site or application. When a company does invest in IT security, the money most often goes to penetration tests and security audits. These of course have their value, but their common disadvantage is that they are one-off exercises. The results of a penetration test or security audit are valid only for the particular version tested and the specific software and infrastructure configuration at the time of testing. Moreover, they are very expensive and not every company can afford them. Is there a more affordable solution?
How can you protect yourself in a world where conventional security methods are no longer sufficient?
In the dynamically developing online world of Anglo-Saxon countries, the bug bounty program is one of the fastest-growing security alternatives.
A bug bounty program is a continuous security test that allows companies to prevent cyber attacks, data theft and abuse. Security testing is carried out by ethical hackers, who receive pre-specified rewards for the errors and vulnerabilities they find in services and applications.
65% of developed companies use bug bounty projects or are planning to sign up for them in the near future.
When does it make sense to use the bug bounty program?
Whenever the abuse of security vulnerabilities endangers you, especially if you:
- work with sensitive data such as personal data of your clients, including emails and payment information,
- run an e-shop, CRM system, payment, gambling, betting or project portal,
- launch a new online product that will handle sensitive data,
- run any type of payment over the Internet,
- have a website built on third-party solutions, but located on your own server,
- introduce new functionality on your website or in your application that makes it disadvantageous to perform a penetration test,
- want to find out where your weak spots are and what you should focus on.
What bug bounty projects are available from us?
There are a few specialized startups in the world that offer space for bug bounty projects, such as the American HackerOne or Bugcrowd. Global businesses such as Facebook, Google and Apple, and even the Pentagon, often launch their own bug bounty programs, too. The first Central European bug bounty program, Hacktrophy, has several advantages for local companies. It is based on the legislative framework established by the European Union and is cheaper than its foreign competitors. This does not mean that it is worse or better, but thanks to local support it is more suitable for companies operating in the European Union.
Sign up to Hacktrophy for free
To use the Hacktrophy bug bounty program, you do not have to pay any entry fee. If you need help with setting up your project, don't hesitate to contact us.