Oftentimes, the only way a company can ensure the absence of air gaps to secure software is through purposeful, ethical hacking.
HackerOne Inc. is bringing together the skill and resources required to provide ethical hacking as a service to companies, according to Sean Ryan (pictured, right), senior principal technical product marketing manager at HackerOne.
“Really, we’re making the internet safer using a community of ethical hackers,” Ryan said. “And so our platform enables that so we can skill-match the best talent that’s out there around the world to help find all the vulnerabilities that your company needs to discover.”
Ryan and Will Kapcio (pictured, left), senior sales engineer at HackerOne, spoke with theCUBE industry analyst John Furrier at AWS re:Inforce, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the positive value of ethical hacking and HackerOne’s crowdsourcing approach. (* Disclosure below.)
Filling the prominent talent gap
As with many other enterprise computing areas, there’s a pronounced talent gap punctuated by a dearth of adequately skilled hackers. HackerOne’s community-oriented approach tries to solve for that gap.
“If you’re trying to build a security program and apply defense in depth, we offer a terrific way to engage additional security talent either because you can’t hire enough or your team is simply overloaded too much to do,” Kapcio explained.
A platform like this couldn’t have emerged at a better time, as a lot of the collective cyber threat surface remains exposed, he added.
“We ran a survey earlier this year with 800 security and IT professionals across North America and Europe,” Ryan said. “And one of the findings from that survey was that nearly a third, actually over a third — 37% of the attack surface — is not secured. Some of it is not even known.”
Aside from the aforementioned security skill gap, the emergence of the cloud — and its subsequent blurring of established security perimeters — is one of the main factors behind today’s exposed threat area, according to Ryan.
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the AWS re:Inforce event:
(* Disclosure: HackerOne Inc. sponsored this segment of theCUBE. Neither HackerOne nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)