Immunefi, one of the emerging bug bounty and security services platforms for Defi, raised $5.5 million in funding last year. It would seem that this was a low investment given the amount of money lost to hacks and scam in the past year.
It was. Immunefi has raised $24 million in its Series A. Electric Capital is one of the investors It now has a total of $29,500,000.
Immunefi connects Web3 projects that need their code checked and secured with whitehat hackers. It's unsurprising that these rewards can go as high as $10 million. Most tech companies, including Apple and Microsoft, use a similar bug bounty methodology, but the practice was less well employed in Web3.
Immunefi claims to have saved more than $25 billion from being hacked by paying out $60 million to whitehat hackers.
Bug payouts in Web2 have to be different. A small amount of money is not a lot of risk. Immunefi created a bug bounty standard which scales to encourage projects to pay rewards for big vulnerabilities at a rate equivalent to 10% of the funds at risk.
There are enormous bug bounties, such as the $10 million paid out for a vulnerability discovered in Wormhole, a generic cross-chain messaging protocol, and the $6 million for a vulnerability discovered in Aurora. The biggest bug bounty offered by Apple was $2 million.
Mitchell Amador said that open code and directly monetizable exploits have made Web3 the most hostile software development space in the world. Immunefi has saved billions of dollars by shifting incentives to whitehats. It is better to use Immunefi than to publicly beg hackers to return funds. This raise is being used to scale our team to meet this huge challenge.
HackerOne switched from web2 to web3 and Safeheron raised $7 million to protect private keys.