YesWeHack today announced record 250% growth during 2020 in Asia, including a 120% increase in the number of Bug Bounty programs launched on the YesWeHack platform. On the hacker side, YesWeHack’s Asian community has more than doubled, and now represents 35% of the total community of 21,000 hunters. Created in 2013 in France and established since 2019 in Singapore, this growth underscores YesWeHack’s position as one of the leading players in crowdsourced security in Asia and confirms its position as the only alternative to American platforms.
Crowdsourced security for all
The technology sector was the first market to adopt the crowdsourced security model, and remains the most significant market for YesWeHack. This is followed by the finance and insurance sectors, which respectively represent 35% and 26% of the Bug Bounty programs launched on the platform in 2020.
The financial sector is predicted to rebound significantly during 2021 as a result of the guidelines issued by the Monetary Authority of Singapore, which for the first time include Bug Bounty as a means for financial institutions to discover IT system vulnerabilities.
Twice as many vulnerabilities detected in 2020
The YesWeHack hacker community identified twice as many vulnerabilities in 2020 compared to 2019. Some 30% of the reported vulnerabilities on the YesWeHack platform were qualified as ‘high’ or ‘critical’, meaning they would have had a devastating impact had they been exploited by pirates. For example, exposing all customer data or entirely compromising an infrastructure.
In terms of the types of vulnerabilities detected, YesWeHack notes that the evolution of technologies has led to a slight but constant increase in vulnerabilities. These result from implementation or design flaws (secure design and access control) that reduce the number of so-called technical vulnerabilities (input issues). This trend is expected to increase in the coming years as the hardening of the development frameworks continues.
Ethical hackers will play a central role in 2021
Commenting on this growing demand for crowdsourced security, Kevin Gallerin, APAC Managing Director, says, "2020 marked a turning point for Bug Bounty in Asia. CISOs now consider Bug Bounty as an indispensable and agile tool to secure their organizations. They no longer question what Bug Bounty is, they now include it at the heart of their security strategies. Their only question is how and when to implement it."
View source version on businesswire.com: https://www.businesswire.com/news/home/20210121005425/en/