Santiago Lopez began invading company laptop programs at age 16, after he realized to hack from YouTube movies and like-minded pals.
Now 21, he says he by no means needed to commit crimes. Quite, he’s a bounty hunter, invited by corporations to search out holes of their enterprise networks and burrow into their susceptible information. The thought is that an organization will then repair what’s flawed to harden itself towards unhealthy actors—“black-hat” hackers—trying to steal information, conduct espionage and disrupt enterprise operations. Like others in a stable of “white-hat” attack experts associated with bug-bounty firm HackerOne, Mr. Lopez will get paid commensurate with the severity of the weaknesses he identifies. He and different members swarm purposes and web sites to search for safety holes missed by clients that contract with the San Francisco-based agency. Huge issues pay huge cash.
Mr. Lopez is sweet at his job: Final 12 months, he reached $1 million in bounties since he began and is now closing in on $2 million in whole, he says. Just lately, he has discovered bugs for Airbnb Inc. and Verizon Media Group.