Hacking is considered a bad thing. However, good things can also be done through hacking. Many big organizations employ hackers. If you want, hacking can also be taken as a profession. Tamjid Rahman Leo says
Hacker. Hearing the word brings up a negative thought in many people's minds. This hacker is like the terror of the internet world. Around 1960, the word hacking was used only among engineering students. At that time, 'hacking' meant making a system or machine more effective in some way. However, now most people understand hacking as causing damage to something in the internet world. In fact, hacking is not only bad things in the cyber world, it has negative sides as well as positive sides. Those who hack for good purposes are called 'ethical hackers', and those who hack to cause harm are called 'unethical hackers'. Sadly, the number of unethical hackers in the world is much higher than ethical hackers. Because many young people are getting involved in cyber crimes while practicing hacking as a hobby. Every year, many organizations are facing losses worth crores of rupees due to this crime alone. All very important confidential documents are being stolen. Due to the high level of crime, once caught, the rest of the lives of these young hackers are ruined.
But many people are unaware that it is also possible to earn a good amount of money through legal hacking or ethical hacking.
Job as an ethical hacker
The number of cyber attacks in the technology world is now higher than ever. Not only small organizations, but also large and well-known organizations, and even government organizations are not exempt from cyber attacks. There have been incidents of data theft from large organizations like NASA, the US Army, HBO, NSA, Uber, Equifax, and Accenture. In addition, multiple ransomware have also spread to many countries. To protect their organizations from these, large government and private organizations around the world are hiring ethical hackers or cybersecurity experts. According to a report by Global Knowledge, ethical hackers or cybersecurity experts are the second highest paid in the IT sector worldwide. The demand for ethical hackers or cybersecurity experts is also increasing day by day in Bangladesh.
Bug Bounty
Bug bounty is a program through which various government and private organizations reward independent cybersecurity researchers from all over the world through various platforms in exchange for finding vulnerabilities in their cybersecurity. There are various small organizations; as well as large organizations like Facebook, Microsoft, Google, NASA, Intel, Uber, Netflix, HP, etc., depend on bug bounty platforms for their cybersecurity. Depending on the type of security flaw or bug, the organizations offer bounties ranging from a minimum of $50 to a maximum of $250,000 per report in addition to gifts. In this case, the bug reporter has to submit bug reports by following certain procedures or rules, and if the platforms do anything illegal or unethical, it is not suitable for the bounty.
Reasons for paying the bounty
Hacking cannot be learned only institutionally, it is like an art. How strong a hacker is depends entirely on his skills, thinking power and creativity. Therefore, even if an organization hires paid ethical hackers, it cannot be completely safe. All the renowned organizations in the world have their own cybersecurity and incident response teams. Despite this, there is a common thing in the cyber world that no system is 100% secure. For this reason, organizations do not rely only on their own teams but invite white hat hackers from all over the world through various platforms to expose their cybersecurity flaws.
Bug bounty platform
Bounty organizations offer bounties to hackers through various web platforms in addition to their own websites. On these platforms, they state their requirements, as well as a list of how much dollars they will pay as a bounty for a type of bug. Not only that, but there are also clear instructions on which types of bugs are not covered by the bounty. Popular platforms among hackers are:
HackerOne, Bugcrowd, Synack, Detectify, Cobalt, Open Bug Bounty, Zerocopter, YesWeHack, HackenProof, Vulnerability Lab, FireBounty, BugBounty Japan, Antihack, Intigriti, SafeHats, RedStorm, Cyber Army, Yogosha|
The best bug bounty programs of the year
Microsoft
Microsoft officially launched their bug bounty program on September 23, 2014. They only offer bounties for critical and critical bugs. In this program, they offer bounties ranging from a minimum of $15,000 to a maximum of $250,000. Microsoft offers the highest bounties in bug bounty programs.
Apple
When Apple first launched its bug bounty program, it only allowed 24 security researchers to participate. Later, Apple opened its bounty program to everyone. Although Apple doesn't have a specific amount for bounty payments, they have paid out bounties of up to $200,000.
Facebook
Facebook's bug bounty program allows security researchers to report security vulnerabilities in Instagram, Atlas, and WhatsApp. While their minimum bounty is $500, the interesting thing is that they have no maximum bounty limit. They are willing to pay any amount based on the type of bug.
Google
Blogger and YouTube are also included in Google's bounty program. They only offer bounties for five types of bugs. Google offers bounties ranging from a minimum of $300 to a maximum of $31,000.
Yahoo
Yahoo has been repeatedly hacked and has set up a separate team to run its bug bounty program. The main task of this team is to thoroughly examine the bug reports sent by security researchers and understand how much damage these bugs can cause. There is no minimum amount for Yahoo's bounty program, but they offer bounties up to a maximum of $15,000. It is a matter of joy that a security researcher from Bangladesh has also received their highest bounty for finding a very important bug in Yahoo.
Uber
Popular ride-sharing service Uber has launched a bounty program to protect the information of its users and employees. While there is no set minimum bounty, they offer a maximum bounty of up to $10,000.
Avast
Antivirus company Avast offers bounties to security researchers for finding security vulnerabilities in various categories. Bounties ranging from a minimum of $400 to a maximum of $10,000 are available through their program. They run this bounty program on their own website.
Twitter
Twitter offers rewards ranging from $140 to $15,000 for reporting cybersecurity vulnerabilities. The company runs its bounty program through HackerOne, a popular bug bounty platform.
