Cybersecurity
The Big Business of Smashing Bugs
New marketplaces let companies tap the skills of ethical hackers
This article is for subscribers only.
Frans Rosén is a tech entrepreneur by day and a bug bounty hunter by night. The co-founder of Detectify, a security startup in Stockholm, spends his evenings scouring websites for vulnerabilities cybercriminals could exploit. Since he began moonlighting in 2012, he’s collected $100,000 from companies in reward for tipping them off to flaws he unearthed. “Seventy to 80 percent of the bugs I find are not detectable by software,” says Rosén, 29, who manually combs through line after line of code.
As the pace of app rollouts, website launches, and software upgrades picks up, more companies are relying on freelancers to uncover flaws. When spotted by malicious hackers, defects can open the door to devastating zero-day attacks.