Mårten Mickos: Why I Joined HackerOne as CEO
I am joining HackerOne as its CEO because the company is on an important mission for our connected society.
Credit: Senja Larsen
More Networked. More Vulnerable.
Our world is increasingly networked, and as a result increasingly vulnerable. Securing our environment is not only important to preventing cybercrime, but also to defending basic human rights and freedoms. Until now, security solutions were based on building walls and gates. This is no longer adequate. A global task force harnessed to combat the new threat landscape is required. HackerOne brings together responsible hackers and responsible corporations to eradicate vulnerabilities in systems on the Internet.
In addition to representing a cause, HackerOne is also a rapidly growing business. Over 350 customers have already signed up for HackerOne's vulnerability coordination platform. On this platform, nearly $5 million in bounties has been paid to 2,000 contributing hackers for finding over 14,000 vulnerabilities. Leading Internet companies such as Adobe, Twitter, Dropbox, Airbnb, Yahoo! and Square depend on HackerOne for vulnerability coordination. Key industry leaders such as Marc Benioff of Salesforce.com, Jeremy Stoppelman of Yelp, Drew Houston of Dropbox and Yuri Milner are early investors in the company.
Securing the connected world is one of the most pressing challenges of our time.
While software improves modern life, the reality is that the solutions that secure software are easily outpaced and frequently rendered inadequate. Point solutions, perimeter-based protection and static analysis are just a few examples. By making secrecy synonymous with security, we find ourselves in a state where cybersecurity is both expensive and incomplete.
A Better Way
With the right incentives, we see responsible hackers helping responsible corporations. The result is a safer, connected world. Today, we're already in a better place because leading companies like Google, Microsoft, Facebook, Yahoo!, United, ING Group and AT&T run responsible disclosure programs. By incentivizing report submissions, organizations can find the most threatening vulnerabilities with help from an army of highly skilled and motivated hackers.
HackerOne provides a platform for corporations to benefit from the intellectual power of the global hacker community. The business draws inspiration from Linus Torvalds, creator of Linux, who once said that "The only real solution to security is to admit that bugs happen."
Our collective power is stronger than that of any individual.
For me, personally, this is among the most vital roles I could take. As CEO of MySQL, and then Eucalyptus, I've spent the past 15 years in the world of open source software ‐ a world that demonstrates that collective power is stronger than the power of any individual. "Given enough eyeballs, all bugs are shallow," said Eric S. Raymond when establishing Linus's Law, as open source software showed superior quality compared to that of closed source software.
HackerOne is a marketplace for the networked economy, where small positive actions by a large number of people results in economic gains for all involved. Rapid evolution flourishes in globally distributed organizations where the best minds draw from one another for a worthy purpose. There is nothing that can beat human brains working together. HackerOne takes these principles to a new industry, and a new level.
We are still in the early days of the 21st century, the early days of an all-encompassing Internet, and the early days of cybersecurity. HackerOne is a pioneer in this field, breaking new ground as hackers help companies protect themselves against vulnerabilities. Through this new approach, HackerOne is empowering the world to build a safer Internet, facilitating the advancement of society, and protecting citizens and corporations.
– Mårten Mickos
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.