The concept is simple: a client registers on Hatforce.com and offers a reward, let’s say 80 €, for each vulnerability that is found in their application. The client also specifies how many vulnerabilities he wants to pay for. Testers can then register on Hatforce.com and sign a legal agreement, which allows them to “hack” the client’s product. If a tester finds a valid vulnerability, the client pays him.
Hatforce offers a contract, verified by a lawyer, that legalizes the penetration test. Google, Facebook and other companies are already using the potential of the crowd for their “Bug Bounty” programs, but without a specific contract that would protect the testers. With Hatforce.com, every company can use the benefits of crowd-sourced penetration testing through a legal agreement.