Hackers are finding more severe vulnerabilities than ever before, as the total number of high or critical severity vulnerabilities identified increased 22% last year, according to the 2018 Hacker-Powered Security Report.
In addition, 24% of resolved vulnerabilities were classified as high to critical severity across industries. Bounties for high-impact findings are growing; the top bounty awarded for a single report reached $75,000 in 2017.
Competitive programs from Google, Microsoft, and Intel are offering $250,000 bounty awards for the identification of critical issues.
The study also found false positives are fading, with 80% of submitted and qualified reports proving to be valid.
The annual report, which is a benchmark study of the bug bounty and vulnerability disclosure ecosystem, is based on more than 72,000 resolved security vulnerabilities, 1,000 customer programs, and more than $31 million in bounties awarded to hackers from more than 100 countries.
From Help Net Security
View Full Article
Abstracts Copyright © 2018 Information Inc., Bethesda, Maryland, USA
No entries found