Yogosha hits the 10,000 mark for vulnerability reports on its platform

More than 10,000 vulnerability reports have been submitted on our platform. A small step for crowdsourced cybersecurity, a big step for Yogosha.

We all have moments of self-pride. Those things that seem trivial to others, but reflect the success of our efforts. We are proud to say that a milestone has been reached: 10,000 vulnerability reports submitted on Yogosha platform.

80% of vulnerability reports submitted on Yogosha platform are validated

4.24 million dollars. That's the average cost to an organization of a data breach following the exploitation of a vulnerability, according to IBM Cost of a Data Breach 2021 report. And when it comes to cybersecurity, there will always be vulnerabilities to discover. The question is : who will find them first?

Crowdsourced security programs offered by Yogosha all have the same goal. To identify exploitable vulnerabilities before they fall into the wrong hands. And without trying to flatter our elite hackers too much, it must be said that they excel at this game:

• Over 60% of Yogosha hunters have submitted at least one vulnerability report, making it one of the most active ethical hacker communities in the world;
• More than 80% of vulnerability reports submitted on our platform are accepted by our customers;
• The vulnerabilities identified on Yogosha platform since its creation would represent a theoretical cost of more than one billion euros if they had been exploited by malicious hackers - black hats.

Only 15% of applicants join our elite hacker community

If Yogosha hunters are so efficient, it is not a coincidence. Unlike most bug bounty platforms whose communities are open to everyone, Yogosha’s community is private. We only work with highly skilled security researchers.

Our admission tests are among the most challenging on the market. They are the result of a partnership between our experts and HackTheBox, and allow us to evaluate the technical and pedagogical skills of the candidates. As a result, only 15% of them join our community.

Some will tell you that you need an army of ethical hackers to ensure your digital security. We'd argue that you only need the best soldiers.

A selection process that benefits companies and ethical hackers

This uncompromising selection is not only a guarantee of quality and security for companies that trust us, but also for the ethical hackers themselves thanks to:

• quick and efficient triage of vulnerability reports
• less competition between researchers than on public platforms
• secure payments
• research perimeters exclusive to Yogosha
• belonging to a restricted elite community that stimulates group emulation

Yogosha platform to simplify vulnerability management

Yogosha platform not only produces high quality reports, but also facilitates vulnerability management.

Centralize vulnerability management

Each step of a report can be processed directly from the platform, from qualification to closure, through verification and payment. The monitoring dashboards allow you to control the security of all your entities, and communications with hackers are centralized on the platform for a significant time saving.

Managed programs and vulnerability triage supported

Yogosha handles vulnerability triage, so that internal teams can focus on more strategic matters. Vulnerability triage is an extremely time-consuming and expensive task. According to Cobalt, the cost of vulnerability management for a public bug bounty ranges from $25,000 to $250,000. With Yogosha, this overhead does not exist because vulnerability management is included in every program – bug bounty, crowdsourced pentest and VDP.

Integrated reports for a DevSecOps approach

Our technology gives companies full visibility into hackers' activity, and their reports are natively integrated into development tools for an efficient DevSecOps approach. Reports can be exported in one click, and top priority vulnerabilities can be sent directly to developers for remediation - via Jira or Gitlab for example. This facilitates workflow and greatly improves vulnerability management.