View all on-demand sessions from the Intelligent Security Summit here.
Vulnerabilities are everywhere. Every device, application, and API provides attackers with new entry points to exploit and access privileged information. However, more and more organizations are turning to ethical hackers to track potential exploits.
In fact, according to from HackerOne Hacker-Powered Security Report 2022, released today, ethical hackers discovered more than 65,000 software vulnerabilities in 2022, a 21% increase since 2021.
The report found that digital transformation projects had contributed to a 150% increase in misconfigurations and inappropriate authorization by 45%.
At a high level, the research shows that ethical hacker communities are capable of identifying vulnerabilities at scale, while highlighting that internal security teams cannot afford to rely on traditional manual approaches to vulnerability management.
Scalable vulnerability management with ethical hackers
The survey comes as more organizations feel pressure to manage an ever-growing number of exploits, with 66% of security leaders reporting a backlog of more than 100,000 vulnerabilities and 54% saying they can patch less than 50% of vulnerabilities in their backlog.
This large number of vulnerabilities has created the need for a more scalable approach to vulnerability management, which ethical hacking and bug bounty providers such as HackerOne provide.
“Insights from the hacking community on their experience and expectations teach organizations how to run a best-in-class program that will attract the best hackers,” said HackerOne CISO and chief hacking officer, Chris Evans.
“HackerOne’s vulnerability data, drawn from our 3,000 client programs, shows organizations which vulnerabilities are driving their peers to report hackers. Customers continue to introduce risk during digital transformation projects. The report also shows that hackers are adept at identifying the vulnerabilities introduced so that our customers can fix them before they lead to an incident,” said Evans.
VentureBeat’s mission is to become a digital city plaza where tech decision makers can learn about transformative business technology and execute transactions. Discover our Briefings.