YesWeHack, Europe’s leading Bug Bounty and Vulnerability Disclosure Policy (VDP) platform, announced the appointment of Regional Director for the Middle East, Turkey, and Africa, Rabih Achkar, to spearhead the company’s expansion in the region.
Rabih Achkar will be instrumental in supporting and advising organisations of all sizes and sectors on how they can successfully adopt a bug bounty model, and the importance of a complementary Vulnerability Disclosure Policy.
“We are here to offer to the region’s digital ecosystem, a transformational approach to cyber audits through our crowdsourced security platform,” said Rabih Achkar. “Governments across the region have worked long and hard to support their communities, foster innovation and drive sustainable growth. But their efforts are under threat from malicious parties who are continually evolving their techniques to evade cyber defences.”
As the attack surface of all organisations in the region is expanding dramatically, following unprecedented digital transformation, the incidence of cyberattacks has escalated. In the UAE alone, Dubai Police’s Cybercrime Department registered 25,000 reports of malicious activity in 2020, reporting that it was the highest volume on record. And Saudi Arabia fought off more than 22 million cyberattacks in 2020, and 7 million in the first two months of 2021.
YesWeHack’s approach to cyber-defence relies on its unique Bug Bounty platform, which leverages a global community of more than 30,000 ethical hackers across 170 countries to provide customers with a virtually unlimited pool of expert testers. This community of experts can be contracted to search vulnerabilities in websites, mobile apps, and IT infrastructure, and report their findings through a secure workflow.
Platform subscribers can either privately select the experts with the skills that best fit their use case, or publicly submit their scope to the entire YesWeHack community. YesWeHack also offers a tried-and-tested VDP (vulnerability disclosure policy), which is a safe and clear framework for anyone to report vulnerabilities. VDP is part of ISO29147 and ISO30111 and encouraged as a best practice by international bodies such as NIST, ENISA, CISA, and OECD.
YesWeHack’s Middle East, Turkey and Africa expansion follows a year of plaudits and industry firsts. In April, the company received the “Cybersecurity Made in Europe” label, issued by the European Cyber Security Organisation (ECSO). The same month, the launch of a public Bug Bounty program for Swiss Post, was announced, followed in June, by the one with Asian eCommerce giant Lazada. In July, it secured EUR 16 million of Series-B funding to bolster its international expansion. In September, the company introduced the world to “virtual patching”, a technique that helps block vulnerabilities exploitation within hours, not days or weeks.