Not even the strongest or most skilled organizations have the headcount and capacity to avert system vulnerabilities on their own. There is strength in numbers. Hackers are that army - and at HackerOne, there's 80,000+ white hat hackers who want to make your software more secure. Hackers ARE: Problem-solvers, Curious, Technically skilled, Diverse in background and education Hackers are NOT: Criminals. Using their skills for a malicious purpose This presentation dives into *who these hackers are and what motivates them. We look at some successful hacker profiles and see what separates the best from the rest.

1. MEET THE HACKERS POWERING
THE WORLD’S BEST BUG
BOUNTY PROGRAMS
Adam Bacchus, Chief Bounty Officer
Lauren Koszarek, Dir. of Communications

2. Adam Bacchus serves as Chief Bounty Officer at HackerOne. Previously
Adam was a member of Snapchat’s security team. Before Snapchat,
Adam was on Google’s security team where he helped run Google’s
penetration testing and bug bounty programs. Adam’s previous
experience includes four years of security consulting, primarily in
application and network pentesting.
@sushihack
Lauren Koszarek is the Director of Communication at HackerOne.
Previously Lauren was a Security Communications Strategist for
Blackberry. Lauren has experience driving proactive and reactive
communications for brands including, Microsoft Trustworthy Computing,
T-Mobile and HTC, among other.
@LKozz
Adam Bacchus
Lauren Koszarek

3. ● Hacking scalability
● Hacker survey data
● Hacker profiles
● 4 Reasons to work with
hackers
● Q&A
Today’s Agenda

4. Bug Bounty 101
HackerOne is the world’s #1 bug bounty platform

5. Strength in Numbers
Not even the strongest or most skilled
organizations have the headcount and capacity
to avert system vulnerabilities on their own.

6. Strength in
Numbers
Security experts
in your
organization

7. Strength in
Numbers
Security experts
in your
organization
Security experts among
all your vendors and
contractors

8. Strength in
Numbers
Security experts
in your
organization
Security experts among
all your vendors and
contractors
80,000+ white hat hackers
on HackerOne

9. Strength in Numbers
80,000 hackers strong
$10,000,000+ earned in bounties
32,000+ vulnerabilities resolved
600+ customers

10. Who Are These Hackers?
/ha–ker/: One who enjoys the intellectual
challenge of creatively overcoming
limitations. - MIT
Hackers ARE: Problem-solvers, Curious, Technically
skilled, Diverse in background and education
Hackers are NOT: Criminals. Using their skills for a
malicious purpose

11. 11
Where in the world?

13. 13

16. Not all hackers are created equal

17. Hacker Profiles

18. Hacker Profile : meals
Sean Melia | 26 years old | U.S.A.
● Pentesting 4+ years
● Bug bounties 2+ years
● Found 570+ bugs
“Bug bounties have changed my life significantly. I've been able
to purchase a house as well as go on trips and purchase nice
gifts for my family and girlfriend.”

19. Hacker Profile : nnwakelam
Nathaniel Wakelam | 21 years old |
Australia
● Self-taught bug hunter
● Bug bounties 3+ years
● Helped GM, Snapchat, Yahoo,
Uber and Adobe find 372+ bugs
● Uses bounties to fund his charity
Hackers helping hackers
‘Bug bounties have given me cash money, skills, sent me
around the world, and I've forged some lifelong friendships due
to taking part in them’

20. Hacker Profile : mlitchfield
Mark Litchfield | U.S.A.
● Hacking since ‘99
● 1st hacker to earn $500k+ on H1
● Helped Dropbox, Uber, Shopify and
many more resolve 450+ bugs
Mark chooses which bug bounty programs to work on
based on “How well do they respond, how quick do they
fix / pay.”

21. 4 reasons to work
with hackers

22. 1. Hackers Gonna
Hack

23. 2. Enhanced Public
Image

24. 3. “Always On” vs.
“Point in Time”

25. 4. Find and Improve
Gaps in SDLC

26. Questions?
sales@hackerone.com

27. Thank you!
sales@hackerone.com