From the recent Sony hack to last years Target security breach, cyber attacks and their potentially devastating effects for organizations and individuals have frequently made the headlines. While the black hat (malicious) hackers that have inflicted these attacks are typically spotlighted in these reports, a lesser-known community of benign hackers, i.e. white hats or bug bounties, has emerged as a counterforce in cybersecurity. Researchers at Penn States College of Information Sciences and Technology (IST) are analyzing the dynamics of the white hat market and how the talents of the community can most effectively be used. The white hat community operates by submitting vulnerability discovery reports to public vulnerability disclosure programs (VDPs) and company-initiated vulnerability award programs (VRPs). Companies such as Facebook, Google and Mozilla have established VRPs that pay white hats to hack. Studies have shown that harvesting vulnerabilities from the white hat community is cost-effective, and startup companies such as HackerOne and BugCrowd, act as brokers between white hats and software companies.
Posted on: Sun, 25 Jan 2015 00:54:23 +0000
Trending Topics
Recently Viewed Topics
© 2015