On March 10, 2021, CEE Legal Matters reported that Provaris had advised Hackrate on the development of an "ethical hacking services" offer for clients. CEEIHM spoke with Balazs Pozner, CEO & Founder at Hackrate to learn more about the matter.
CEEIHM: Could you please tell our readers a bit about Hackrate?
Balazs: Hackrate is a B2B startup providing IT security and bug bounty services. A bug bounty uses the power of crowdsourced security to prevent potential data breaches by reducing security risks. During a bug bounty program, a company can offer rewards to ethical hackers for reporting software vulnerabilities.
Levente Molnar, co-founder of Hackrate, and I previously worked together in IT security, and we developed the platform based mainly on our experiences in penetration testing and bug bounty programs.
CEEIHM: Provaris recently advised your company on the development of its "ethical hacking services." How do these services work, and whom are they intended for?
Balazs: Our bug bounty platform connects companies and ethical hackers. The platform can help companies to manage software vulnerabilities and the disclosure of such vulnerabilities in their systems. Bug bounty programs must be carefully planned and responsibilities must be crystal clear before the launch of a bug bounty program.
Our services are aimed at companies where the protection of companies' data is crucial to secure undisrupted business continuity. Companies that follow agile developing principles can profit the most from a bug bounty program. For example, if new product releases are rolled out frequently, traditional penetration testing services can be very time-consuming and costly. Our secure platform helps companies easily manage software vulnerabilities and keep the related reports centralized while our clients can immediately access the identified vulnerabilities in their systems, and software and the related proof-of-concept code.
CEEIHM: What is on Hackrate's horizon, now that this project is complete?
Balazs: The next project will be the automation of our onboarding process. Currently, we are offering consultations to our clients during the preparation phase. Until the end of the year, we will automate some part of the consultation while direct support will be available if required by clients.
CEEIHM: What were some of the legal intricacies of this project, and how did Provaris handle them?
Balazs: Our project with Provaris started when our platform was in the finalizing stage. In some cases, we could not provide details in some questions. Therefore, flexibility on Provaris' part was necessary. With clear and honest communication and reprioritization of the tasks, we handled that.
CEEIHM: Finally, what made you choose Provaris as your advisor?
Balazs: During the selection process, field experience in IT security and legal issues of cybersecurity services was an essential factor for us. We have contacted several advisors, and Tamas Bereczki and Adam Liber have demonstrated considerable IT security experience concerning the services that we intend to provide. Beyond fulfilling the legal requirements, our focus was to provide practical examples to make conditions easier to understand for our users.
Originally reported by CEE In-House Matters.