Hackers congress in Hamburg. Photo: Patrick Lux/Getty

Amid a gaping shortage of skilled cybersecurity hands, a cottage industry has sprung up to fill the demand, with some of the biggest U.S. companies and agencies paying freelance bounties for detecting website vulnerabilities.

What's going on: There are currently some 301,000 cyber industry openings in the U.S., according to Cyber Seek, a firm seeking to close the shortage, forcing unorthodox solutions on the most strategically important employers.

Their target is not college graduates, but simply to lure reliable hackers, or "white hats," out of dark chatrooms and into respectable employ.

  • Websites like Bugcrowd and HackerOne are the Indeeds of this world, reports MIT Tech Review's Martin Giles.
  • Both sites feature "bug bounties" — cash rewards for finding website vulnerabilities.
  • Among those paying bounties: Airbnb, the Pentagon, GM, Lufthansa, and Starbucks, says HackerOne.

Despite the shortage, the pay appears to be generally mediocre or low, the same malady afflicting job categories across the U.S. and European economies.

  • Finding bugs pays in glory more often than in cash, like swag and tours of the U.S. Capitol, writes Tech Review's Erin Winick.
  • In a case study at HackerOne, Shopify said that as of March 15, it had used bounties to resolve 759 bug reports, "thanked" more than 300 hackers, and paid out more than $850,000 in bounties. If all were paid, that comes to about $1,100 per bug report, although in one case, Shopify said, it paid a hacker named @cache-money $15,250 for exposing a critical bug.
  • A Philippine bug hunter profiled by Tech Review earns well under $1,000 a month. At HackerOne, 3% of registered users earn more than $100,000 a year, while 12% earn $20,000 or more.

Go deeper: In February, No Starch Press will publish a how-to book called Real-World Bug Hunting, by Peter Yaworski, subtitled "A Field Guide to Web Hacking."

Go deeper

Updated 27 mins ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 11:30 a.m. ET: 30,557,899 — Total deaths: 952,981— Total recoveries: 20,822,644Map.
  2. U.S.: Total confirmed cases as of 11:30 a.m. ET: 6,730,304 — Total deaths: 198,679 — Total recoveries: 2,556,465 — Total tests: 93,150,052Map.
  3. Politics: In reversal, CDC again recommends coronavirus testing for asymptomatic people.
  4. Health: The dwindling chances of eliminating COVID-19 — Massive USPS face mask operation called off — How the American diet worsens COVID-19.
  5. Business: Unemployment drop-off reverses course 1 million mortgage-holders fall through safety net.
  6. Education: At least 42% of school employees are vulnerable.
  7. World: Guatemalan president tests positive for COVID-19.

Trump says Republicans have an "obligation" to fill Ginsburg's seat

President Trump. Photo: Stephen Maturen/Getty Images

President Trump wrote in a tweet Saturday morning that Republicans have an "obligation" to fill Justice Ruth Bader Ginsburg's seat on the Supreme Court following her death Friday.

What he's saying: "We were put in this position of power and importance to make decisions for the people who so proudly elected us, the most important of which has long been considered to be the selection of United States Supreme Court Justices," the president said, tagging the Republican Party. "We have this obligation, without delay!"

Hundreds gather to pay tribute to Justice Ruth Bader Ginsburg along Supreme Court steps

Photo: Alex Brandon/AP

At the Supreme Court steps Friday night hundreds of people gathered to pay tribute to Justice Ruth Bader Ginsburg — singing in a candlelight vigil, with some in tears.

Details: If there is a singular mood at the Supreme Court tonight, it’s some kind of a daze manifested by silence.