Want to strengthen your digital security? Pay someone to break into your software - and your systems.
LAST MAY, UNITED AIRLINES, still struggling to integrate its computer system with Continental’s following the merger of the two companies, issued an open call to hackers. The challenge: to locate and report security holes on its website, with airline miles as an incentive for successful finds. Uncovering a scripting flaw could earn 50,000 miles, while a vulnerability that allowed denial-of-service attacks could score 250,000 miles. Within two months the Chicago-based carrier had shelled out 1.8 million miles for several bugs, including two so-called remote code execution flaws that could have let a hacker take over United’s system.
United’s experience reflects a sobering truth: No matter how many hours your digital team sweats it out in front of a computer, they’re never going to find and patch every vulnerability. And even if you pay an outside firm to do the job, it almost certainly won’t find everything either. But a boundless, global army of hackers who are paid only when they unearth security bugs? Now you’re talking.
Once the purview of tech giants like Facebook and Google, this model has gone mainstream. Today, hundreds of companies host so-called bug-bounty programs spanning apps, software, and company networks. Some companies have invitation-only programs. Many post program guidelines on their websites, including a schedule of payouts based on the seriousness of a flaw.
So how do you throw open your arms to ethical hackers without wasting your time or—far worse—exposing something critical that someone can exploit? A few pros share their insights. —KATE ROCKWOOD
Start With Self-Scrutiny
Bu hikaye Inc. dergisinin February 2016 sayısından alınmıştır.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.
Already a subscriber ? Giriş Yap
Bu hikaye Inc. dergisinin February 2016 sayısından alınmıştır.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.
Already a subscriber? Giriş Yap
Karen Dillon
I moved my wedding to attend a company offsite. It was a terrible decision, but a vital lesson on balance.
The Ultimate Home-Based Business
Thirty years since her breakout on Friends, Courteney Cox is taking on a new role-entrepreneur.
An Uphill Battle
Zwift has been through layoffs and a leadership change in 2024, but co-founder and CEO Eric Min says he's learned that building a startup, like cycling, is an endurance test.
The GLOW UP
How Glossier broke free from DTC, survived the skeptics, and finally achieved profitability.
The Snack That Gives Back
With a new partnership, SkinnyDipped is supporting women founders worldwide.
A New Path to SuCCESS
AllTrails may have achieved the impossible-an app that truly helps you get away from it all.
The Back-lash Survivors
Don't challenge Elizabeth Gore and Carolyn Rodz to a game of highs and lows. The Hello Alice co-founders will win-by a long shot.
The Spa Surge
Prime IV Hydration & Wellness has successfully weathered stormy waters.
Riding the Waves
With Beehiiv, Tyler Denk built a buzzy newsletter platform and a brash online persona. Both are lucrative.
Home Economics
How Chairish brought the circular economy to furniture.