Events,
Governance & Risk Management,
Nullcon
Live Bug Bounty Event Reveals New Testing Advantages
As cyber threats escalate in sophistication, organizations are discovering significant benefits from direct collaboration between ethical hackers and development teams. This approach often outperforms traditional security testing methods, providing insights that may otherwise be overlooked.
Companies are increasingly adopting a ‘shift left’ strategy, integrating security measures at each stage of development while also leveraging the expertise of ethical hackers to identify vulnerabilities. This approach was notably demonstrated at a live bug bounty event orchestrated by YesWeHack during Nullcon Berlin 2025. “Implementing proactive testing through a bug bounty program adds a vital layer to our security efforts,” stated Patricia Leppert, the Team Manager of Customer Trust and Security at TeamViewer.
Independent ethical hacker Raphaël Arrouas noted the unique advantages of direct engagement with organizations. “We are often called in after other efforts have been exhausted, and our experience shows there are always issues to uncover,” he commented, emphasizing the ongoing need for rigorous testing beyond conventional measures.
In a discussion during an interview with Information Security Media Group at Nullcon Berlin 2025, Leppert and Arrouas explored various crucial topics. They highlighted the importance of responsible disclosure practices and CAN status, the necessity of continuous post-release testing, and how organizations are leveraging product features and collaboration to combat scams.
Leppert’s role involves fostering a secure environment and building customer trust at TeamViewer, where she collaborates with stakeholders, technical experts, and leadership to implement actionable security solutions. Arrouas, recognized as Switzerland’s first full-time bug bounty hunter since 2019, has ranked as the top ethical hacker from 2022 to 2024, focusing on offensive security consulting.
The collaboration and insights gained from these initiatives reflect a broader trend in the cybersecurity landscape—in which organizations are tapping into ethical hacking to enhance their defensive postures and effectively negotiate the complexities of modern cyber threats. As this paradigm evolves, it underscores the need for continuous security innovation and adaptation in the face of emerging vulnerabilities.
