Bug bounty and VDP platform YesWeHack hauls in $18.8m to help firms find online threats

Paris-based YesWehack, a bug bounty and Vulnerability Disclosure Policy (VDP) platform raised $18.8m in Series B funding led by Banque des Territoires and Eiffel Investment Group.

The company’s Series A investors Normandie Participations and CNP Assurances also participated in the round.

YesWeHack will use the funding to help organisations worldwide to raise their cybersecurity strategy and address the challenges of digital transformation. The investment will accelerate its R&D efforts and increase its international presence and expand globally. The company is planning to hire 100 new employees over the next 18 months in and outside France.

Founded by Manuel Dorne in 2015, YesWeHack offers a Bug Bounty program connecting more than 25,000 ethical hackers across 170 countries to secure their exposed scopes and reporting vulnerabilities in their websites, mobile apps, infrastructure, and connected devices.

YesWeHack CEO Guillaume Vassault-Houlière said, “Covid-19 has considerably accelerated the modernisation of our client’s IT systems and increased their attack surface. Security teams realise that traditional approaches are no longer sufficient. That’s why at YesWeHack, we offer an agile and scalable solution that meets these challenges.”

The French company runs both public and private programs for hundreds of organisations worldwide. The bug bounty company has witnessed a growth of 450% since its first round of funding just two years ago. Right now, the company operates in Europe and Asia-Pacific. YesWeHack works with and provides its services to businesses within the UK.

In fact, the company worked with London-based OVH, an Internet Service Provider providing dedicated servers, shared and cloud hosting, domain registration, and VOIP telephony services.

Besides Bug Bounty, the company also offers support in creating VDP, a learning platform for ethical hackers called Dojo, and a training platform for educational institutions, YesWeHackEDU.

YesWeHack established its Asia Pacific headquarters in Singapore in 2019 and has since seen growing market demand for the crowdsourced security model in the region. Last year, the company recorded a 250% growth in Asia Pacific revenue, with YesWeHack suggesting the trend reveals the appetite for an alternative approach to cybersecurity management in the region.

Currently, 40% of YesWeHack’s security researchers are based in Asia, and 30% of the organisation’s clientele are based in Australia, China, Indonesia, Malaysia and Singapore. As a result, the organisation aims to use some of the Series B investment to grow its Asia Pacific customer base to half of the company’s global revenue. A key focus is on growing the company’s regional office in Singapore as the organisation plans to more than double its current headcount by 2022.

Investment director of Banque des Territoires Antoine Troesch added, “Banque des Territoires is firmly committed to cybersecurity as it has become a significant concern for local authorities and public players. We will continue to support French companies in this sector and help them excel at a global level. We are delighted to participate in YesWeHack’s latest fundraising round and support their development.”

Bug bounty programs are currently gaining popularity with Microsoft extending its ongoing ‘bug bounty’ program to its Teams mobile applications, offering rewards of up to $30,000. In June, Amazon Web Services launched a challenge for developers to collectively tackle one million software bugs.

The global Bug Bounty market was valued at $223m in 2020 and is expected to reach $5,465m by 2027 with a growing CAGR of 54.4 % during the forecast period.

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.