Saturday, July 4, 08:00
Home security Top 10 bug bounty programs of HackerOne for 2020

Top 10 bug bounty programs of HackerOne for 2020

HackerOne, a company that hosts bug bounty programs for some of the world's largest companies, today announced its ranking of the 10 most successful programs hosted on its platform.

The ranking is based on the total amount of money awarded to hackers by each company, from April 2020.

The HackerOne list for 2020 is the second edition of this ranking, with the first being published last year. The top rankings of 2019 were: (1) Verizon Media, (2) Uber, (3) PayPal, (4) Shopify, (5) Twitter, (6) Intel, (7) Airbnb, (8) Ubiquiti Networks, ( 9) Valve and (10) GitLab.

In 2020, there were some changes to the Top 10, but the leader remained the same, with Verizon Media maintaining its position at the top and running the most successful bug bounty program in HackerOne.


2019 rank: # 1 (-)

Verizon Media is the undisputed leader of the most active and successful bug bounty program hosted on the HackerOne platform. Verizon Media more than doubled the amount of money awarded to security researchers, from $ 4 million to more than $ 9,4 million this year, with a total of $ 5,4 million in a one-year period.

Currently, Verizon Media ranks first in payments and ranks first in terms of hackers who enjoyed it (1.315) and also ranks first in most error report reports resolved (5.928). In addition, one of Verizon Media's bug bounty rewards is also ranked among the 5 largest payments ever made to HackerOne, with a $ 70.000 prize awarded to a lucky researcher.


2019 rank: # 3 (+1)

Despite running one of the most recent programs on HackerOne, registered just in August 2018, Paypal has been fully established as one of the most active companies on the platform, paying nearly $ 2,8 million over the past two years and $ 1,62 million dollars last year.


2019 rank: # 2 (-1)

Since last year's ranking, Uber's security team has donated $ 620.000 to bug bounties, raising the company's total to $ 2.415.000 awarded to HackerOne from the program that went into effect in December 2014.

Currently, Uber's bug bounty is ranked in the top 5 of the happiest hackers.


2019 rank: # 6 (+2)

Intel rose two places in the 2020 rankings after the company paid more than $ 1 million in bug bounties to researchers over the past 12 months.

While the total amount has never been published, Intel has also paid the highest bug bounty ever paid on the HackerOne platform, with the amount believed to be between $ 100.000 and $ 200.000 for one vulnerability side channel that affects the CPUs.


2019 rank: # 5 (-)

With one of the oldest programs in HackerOne, released in May 2014, the Twitter has paid more than $ 1.288.000 in money to security researchers, with $ 118.000 being paid in the last 12 months.

6) GitLab

2019 rank: # 10 (+4)

In 2020, the GitLab code hosting platform went from # 10 to # 6 in one of the biggest leaps this year classification. The company has paid more than $ 641.000 in bug bounties to security researchers in the last 12 months, increasing its total payments to $ 1,211.000.

The company also has one of the fastest response times on HackerOne, responding to security researchers within an hour, on average, of new error reports.


2019 rank: 14 (+7)

A new entry in HackerOne's Top 10 is the Russian email service which recorded the biggest jump in this year's ratings. The company has paid more than $ 819.000 in bug bounties over the past 12 months to reach a total of $ 1,119,000 since its registration in the platform in April 2014.


2019 rank: 11 (+3)

Another program that has been very active in the last 12 months has been GitHub. The company paid more than $ 467.000 to security researchers for errors reported in the last 12 months, raising the total amount to $ 987.000 since its release in April 2016.

9) Valve

2019 rank: 9 (-)

Valve maintained its position in the Top 10 this year, remaining in # 9. In the last 12 months, the company paid an additional $ 381.000 in bounties to "bug hunters", increasing its total to $ 951.000 from the start program at HackerOne in October 2017.


2019 rank: 7 (-3)

Despite awarding more than $ 344.000 in bug bounties in the last 12 months, that was not enough for Airbnb to maintain its # 7 position since last year. In 2020, the company ranked # 10 after awarding more than $ 944.000 in bug bounties since February 2015.


Please enter your comment!
Please enter your name here

Teo Ehc
Be the limited edition.


Avaddon ransomware: Attacks through Excel 4.0 macros

Microsoft announced yesterday that Avaddon ransomware spread this week through an old technique that came to the fore again. The...

Apple: Prohibits updating Chinese Apps without permission

Apple is banning developers from updating existing apps in China's App Store if they don't have government approval.

Australia: Thousands of MyGov accounts are sold on the Dark Web

Access to more than 3600 MyGov accounts is being sold on the dark web, potentially exposing thousands of Australians to fraud and identity theft.

Party Time: Watch TV with your friends online

Party Time: Watch TV with your friends on the internet Time for a different party than you are used to, watching your favorite ...

CISA and FBI warn businesses of Tor's risks

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a warning to businesses regarding ...

openSUSE: The new Leap 15.2 hard drive has been released

Recently, the next stable version of the openSUSE operating system was released. According to the development team of the operating system, ...

What are the most popular types of malware?

Researchers are looking for the most common types of malware. During the investigation of the malicious activities, the researchers in cyberspace focus ...

REvil ransomware: Target the Light SA electricity company

The operators of REvil ransomware (also known as Sodinokibi) violated the Brazilian electricity company Light SA ...

LinkedIn: Our bug is due to an iOS problem

A representative of LinkedIn told ZDNet yesterday that an error in the iOS application was responsible for a seemingly "interfering behavior" that ...

Valak Info Stealer targets businesses in Europe and America

Many businesses in North and South America, but also in Europe, have fallen victim to the infamous Valak Info Stealer.