CORRECTED-As payment for spotting software flaws grows, HackerOne names new exec

Wed May 28, 2014 6:54pm EDT

(In last paragraph, corrects John Hering's title to executive chairman of Lookout, not chief executive)

By Joseph Menn

SAN FRANCISCO May 28 (Reuters) - As a movement toward paying security researchers who report vulnerabilities in technology products gains steam, prominent advocates for the practice have recently left jobs at Microsoft and Facebook to pursue a venture-backed business coordinating the practice.

Katie Moussouris, credited with making Microsoft much more responsive to bug reports by researchers, said Wednesday she had joined startup HackerOne as chief policy officer, joining Alex Rice, a former Facebook product security chief. Rice, a co-founder and chief technology officer of HackerOne, had launched Facebook's "bug bounty" program, as such plans are sometimes called.

HackerOne offers companies a free system for processing flaw reports. Those companies decide whether to pay the researchers and how much, and they can pay HackerOne for advice.

Other young companies, such as Bugcrowd and Synack, likewise coordinate attempts to find flaws for pay. The practice "is definitely gaining recognition from a lot of mainstream players," Moussouris said.

Also on Wednesday, HackerOne said it had raised an investment of $9 million led by venture firm Benchmark, and that Benchmark partner Bill Gurley and John Hering, executive chairman of smartphone security company Lookout Inc, have joined its board. (Reporting by Joseph Menn; Editing by Leslie Adler)
