“Adult entertainment” site YouPorn is the latest technology brand to turn to the white-hat hacker community to help squish bugs in its online properties.
The Los Angeles-headquartered firm — owned by a company called MindGeek that operates a slew of sites across the broader Pornhub Network — says that it’s looking to “boost the safety” of its online visitors by offering security professionals rewards of between $50 and $25,000 to find weaknesses in its systems.
Not only is YouPorn one of the most visited pornography websites in the world, it’s one of the most visited websites overall, with a current Alexa ranking of 230, and claims an average of one billion video views a month. And now YouPorn is following in the footsteps of sister company Pornhub, which launched its own bug bounty program last year.
Bug bounty programs are big business — back in October, Facebook revealed it had paid out $5 million in five years to hackers, while Google has paid out millions of dollars in rewards since it launched a program in 2010. And back in August, Apple launched its first bug bounty program.
The demand for white-hat hackers is such that a number of businesses have sprung up dedicated to that specific cause. San Francisco startup Bugcrowd has raised around $23 million in funds to date to help connect companies with security researchers. And just last week, fellow San Francisco-based bug bounty platform HackerOne announced a $40 million funding round. And it’s HackerOne that YouPorn is turning to for its own bug bounty program.
“We encourage researchers to reach out and let us know if they find any potential issues, and we will be happy to work to resolve the issue quickly,” said YouPorn VP Brad Burns. “We guarantee that they are to be fairly rewarded for their time and effort.”
Hackers qualify for a reward if they are the first to “responsibly disclose an unknown issue through the site’s HackerOne page,” according to the company. In other words, you can’t just publish your findings for everyone to see on the internet — you have to tell YouPorn directly through its HackerOne page.
“We are, of course, already equipped with an excellent developer and security staff,” added Burns. “But vulnerabilities and breaches are ongoing, so it is important to continuously stay as many steps ahead of potential online threats as possible.”