French startup that helps find online threats and vulnerabilities picks £13.7M for UK expansion

YesWeHack Image credits: YesWeHack

Bug Bounty programs (BBPs) are becoming a mainstay in the security strategy of the organisation. Big tech companies like Apple, Microsoft, Facebook, and others, often conduct BBPs to detect, fix & secure vulnerabilities. 

The global Bug Bounty market was valued at $223.1 million (approx £162.4 million) in 2020 and is expected to reach $5,465.5 million (approx £162.4 million) by 2027 with a growing CAGR of 54.4 % during the forecast period. 

Based out of Paris, YesWehack, a Global Bug Bounty & Vulnerability Disclosure Policy (VDP) platform is planning to capitalise on the opportunity. 

Raised €16 million

Recently, the French company raised €16 million (approx £13.7 million) in Series B funding led by Banque des Territoires and Eiffel Investment Group. The company’s Series A investors Normandie Participations and CNP Assurances also participated in the round. 

“We are grateful for the confidence shown by our existing investors Normandie Participations and CNP Assurances as well as our new partners. Our decision to get backing from Banque des Territoires and Eiffel Investment Group is motivated by their strong European roots. With this new investment, we are contributing to the growth of the cybersecurity sector, and bug bounty provides a disruptive approach in times of high demand,” says Guillaume Vassault-Houlière, CEO and co-founder of YesWeHack. 

How will the funding be used?

YesWeHack will use the funding to help organisations worldwide to raise their cybersecurity strategy and address the challenges of digital transformation. 

Further, the company will use the investment to accelerate its R&D efforts and increase its international presence and expand globally. The company is planning to hire 100 new employees over the next 18 months in and outside France.

What is Bug Bounty?

A bug bounty is a reward program that is paid out to developers who find critical flaws in software, effectively crowdsourcing flaws and vulnerability management.

Connects more than 25,000 ethical hackers

Founded by Manuel Dorne in 2015, YesWeHack offers a Bug Bounty program connecting more than 25,000 ethical hackers across 170 countries to secure their exposed scopes and reporting vulnerabilities in their websites, mobile apps, infrastructure, and connected devices. 

“Covid-19 has considerably accelerated the modernisation of our client’s IT systems and increased their attack surface,” says Guillaume Vassault-Houlière, CEO and co-founder of YesWeHack. “Security teams realise that traditional approaches are no longer sufficient. That’s why at YesWeHack, we offer an agile and scalable solution that meets these challenges.” 

The French company runs both public and private (invitation-based only) programs for hundreds of organisations worldwide. 

The bug bounty company has witnessed a growth of 450% since its first round of funding just two years ago. Right now, the company operates in Europe and Asia-Pacific. YesWeHack works with and provides its services to businesses within the UK. 

In fact, the company has worked with London-based OVH, an Internet Service Provider providing dedicated servers, shared and cloud hosting, domain registration, and VOIP telephony services.

Besides Bug Bounty, the company also offers support in creating a Vulnerability Disclosure Policy (VDP), a learning platform for ethical hackers called Dojo, and a training platform for educational institutions, YesWeHackEDU.

“Banque des Territoires is firmly committed to cybersecurity as it has become a significant concern for local authorities and public players. We will continue to support French companies in this sector and help them excel at a global level. We are delighted to participate in YesWeHack’s latest fundraising round and support their development,” said Antoine Troesch, investment director of Banque des Territoires.