YesWeHack and Ferrero inaugurate Italy’s first live hacking event

October 16, 2024

The YesWeHack triage team collaborates with Ferrero's program managers during the live hacking event in Rome

ETHICAL HACKERS CHALLENGED TO FIND SECURITY SYSTEMS VULNERABILITIES DURING THE LATEST EDITION OF ROMHACK

YesWeHack, the global bug bounty and vulnerability management platform collaborated with Ferrero, one of the world's largest sweet-packaged food companies, in hosting Italy’s first-ever live bug bounty event.

The landmark competition, which saw some of Europe's most talented ethical hackers compete for points, prestige and financial rewards, took place on 28 September at the RomHack cybersecurity conference in Rome. More than 50 ethical hackers took part in live bug bounty events where participants hack intensively for 10-36 hours.

Bug bounty programs crowdsource the security testing of digital applications and information systems by inviting ethical hackers (or ‘hunters’) to probe specific targets (‘scopes’) for vulnerabilities – which, if found, earn them financial rewards (bounties). Growing numbers of organisations in a range of sectors, including nearly all of the world’s largest companies, use bug bounty to improve their security.

“Vulnerabilities exist in increasingly complex modern applications. A live bug bounty helps organisations find and fix many vulnerabilities in a short period of time. Hacking against the clock, ethical hackers collaborate and compete to achieve eye-catching results, as well as giving developers and security teams advice that reduces the risk of new vulnerabilities being created in future,” said Guillaume Vassault-Houlière, CEO and co-founder of YesWeHack.

Active participation in the live hacking session further confirmed our commitment to foster a culture of innovation and to enhance collaboration with the global community of cybersecurity professionals. We recognize the key role that ethical hackers and researchers play in identifying vulnerabilities and improving the overall security of systems, with a clear benefit for both our consumers and our business,” said Vittorio Addeo, Cyber Offence Manager of the Ferrero Group.

“This opportunity was essential to explore new areas and methodologies for detecting vulnerabilities, push the limits of security testing, and strengthen our proactive approach to protecting digital assets and data. The goal is to learn, grow, and continue to build a more secure digital environment,” added Andrea Lombardini, Group Cyber Security Manager of the Ferrero Group.

Taking part in the RomHack live bug bounty was not an isolated initiative: Ferrero always aims to achieve excellence, which is why it launched its private bug bounty program in February 2023 with a limited number of researchers chosen on the basis of their skills, ranking and reputation.

That program was developed in response to the company's need to test the Group's top brand websites, while ensuring that the internal organisation and processes put in place by the company’s Cyber Team were effective. In the future, Ferrero plans to invite more ethical hackers into its bug bounty program, entrusting them with conducting increasingly in-depth tests.