To Catch a Thief: Crowdsourcing Cybersecurity
There are literally thousands of hackers attacking the Internet on a daily basis. Their sheer numbers, if not the sophistication of any individual attack, makes for a corrosive environment that gradually wears down the security of even the most meticulously designed systems. If there is any vulnerability in the system, sooner or later someone will locate and exploit it.
Private security contractors can be expensive, and in many cases they will not find the holes that later hackers will exploit – not due to any particular lack of competency, but simply because not individual human being can match the hacking power of the crowd.
Bugcrowd, a new startup launched in 2012 by CEO Casey Ellis and CTO Chris Raethke, aims to change this state of affairs by leveraging the power of crowd hacking to help firms shore up their security.
Bugcrowd has a team of over 15,000 “white hat” hackers who have all the same skills as the classic aggressive and criminal hackers. As Bugcrowd’s website puts it, “It takes a crowd to beat a crowd. We have 15,100 good guys who think like bad guys.”
Once this crowd-sourced security analysis process turns up a vulnerability, Bugcrowd provides the tools to seal it up, either by managing the security on its own or providing guidance so that the firm can update its own security. They have a nice list of companies involved in the line of paying for security fixes and this field is expected to grow with the growing demand for such services.
Based on the overall need for this type of service, you can expect good things from them in the near future.
By Gustav Steinhardt