Why do hackers choose your company? How do they prefer to hack and which assets do they prefer to attack? It's all in the new HackerOne report.
HackerOne is a security platform that helps organizations find vulnerabilities before they are exploited by rogue hackers. They use ethical hackers and in the United States a lot of Fortune 500 and Forbes Global 1000 companies rely on their services.
In their latest report, they reveal many of the secrets of hackers.
How do they choose their targets?
For ethical hackers, 'the chance to learn from a hacking experience' is the biggest motivator. What is also striking is that hackers often choose companies for which they feel a lot of sympathy. Like a company' is number 2 in the motifs. In addition, the responsiveness of the security team to the hackers also appears to be important.
What do they prefer to hack?
An overwhelming majority immediately chooses the website. In addition, opinions are divided and range from firmware, operating systems to downloadable software, but also Android Mobile, Internet Of Things and 'Technology that has their data' are mentioned.
Which technique do they prefer to use?
Here, too, there is one clear crowd pleaser. Approximately 38% resolutely opts for XSS, but with 13.5%, SQL Injection is also well represented. Fuzzing, Business Logic and Information Gathering join the top 5 techniques.
The report also shows that more and more people are starting to hack. And this trend is unfortunately not only visible among ethical hackers.
Are you curious about all the results of the report? Then you can download it here.
Are you more interested in how you can easily secure your company's digital assets? Then be sure to read this article by my colleague Christophe.