Hatforce is a crowd-sourcing penetration testing platform for Mobile, Web and Desktop applications which rewards ethical hackers for performing IT security tests for clients.
The concept is simple: a client registers on Hatforce.com and offers a reward, let’s say 80 €, for each vulnerability that is found in their application. The client specifies as well how many vulnerabilities he wants to pay. Testers can then register on Hatforce.com and sign a legal agreement, which allows them to “hack” the clients product. If a tester finds a valid vulnerability, the client pays him.
Hatforce is offering a contract which has been verified by a lawyer in order to legalize the penetration test. Google, Facebook and other companies are already using the potential of the crowd for their “Bug Bounty” programs but without a specific contract which would protect the testers. With Hatforce.com every company is capable of using the benefits of crowd-sourcing penetration testing through a legal agreement.