Orders from companies are mainly published on special platforms such as HackerOne, Bugcrowd, SafeHats and Synack. Instagram Facebook, Apple, Paypal, and many other major companies also support bug bounty programs.
How much does a white hacker earn?
The earnings of white hackers depend on many factors, ranging from their skills to simple luck. For many, ethical hacking is a hobby or periodic employment, not a full—time job. However, in a survey for 2019, the HackerOne platform found out that already 7 people, mainly engaged in hacking, have earned more than $ 1,000,000, another 13 — $ 500,000, and another 146 — $ 100,000. The BBC writes in its article that the most successful white hats are hackers who can receive more than $350,000 (~25,600,000 rubles) a year, and as part of bug bounty programs, companies pay up to $50,000 (~3,600,000 rubles) monthly.
How to become a white hacker?
Hackers mostly learn independently from information they find on the Internet, but recently ethical hacking courses have begun to appear, for example Hacker101 from HackerOne.
It is also not uncommon for people with Computer Science and information Security education to become white hackers.
Information security specialist = hacker?
Not really, because an information security specialist primarily designs protection, and a hacker, even an ethical one, tries to find vulnerabilities in it.
It is not necessary to put an equal sign between hackers, even “white” ones, and information security specialists. This is a common stereotype: if there is security, then there must be a hacker. In fact, there are a lot of directions in the IB: these are specialists in the organization and methodology of security, whose tasks include maintaining the necessary documentation and supporting the IT infrastructure within the framework of legislation, and analysts, whose duties do not include hacking skills at all