Santiago Lopez, a 19-year-old, a self-taught hacker from native Argentina, who goes by the handle @try_to_hack on HackerOne, started reporting security vulnerabilities by joining the platform in 2015 at the age of 16. Lopez is one of the top-ranking ethical hackers on HackerOne with 91st percentile for signal and 84th percentile for impact. Lopez has learned most of his hacking techniques through the internet. He read tutorials and watched YouTube videos on how to bypass or defeat security protections. However, he got interested in the field only after watching a 90s movie. “I never knew anything about hacking. I didn’t even know it existed until I saw the movie Hackers, which opened up a whole new world for me. As I learned more, I realized that I was naturally drawn to the types of challenges and problem-solving opportunities associated with hacking,” he said in a Q&A with HackerOne. “I watched online tutorials and also read a lot about hacking. This is how I became the hacker that I am today. It took me a long time to find my first vulnerability, but with patience and effort, it can definitely be achieved. Although Lopez joined in 2015, he earned his first award of $50 in the year 2016 for a cross-site request forgery (CSRF) vulnerability. “At the time I was not very interested in the size of the bounty. I was just so happy and excited to earn my first reward on my own.” Over a period of time, Lopez refined his skills and focused on “finding as many bugs as I can in a short period of time.” His largest payout was $9,000 for a server-side request forgery (SSRF). Ever since Lopez has joined the hacker community, he has reported over 1,670 security flaws to companies including Twitter and Verizon Media Company. He has also worked on different private corporate and government initiatives. Speaking about Lopez and his handle name, HackerOne said, “He was determined to try to hack companies regardless of whether he knew he could succeed. He keeps the name today to remind him of how he started as a bug bounty hacker. Over the past three years of hacking after school and now full-time, he has earned nearly forty times the average software engineer salary in Buenos Aires on bug bounties alone.” Besides, Lopez, another hacker on the platform, Mark Litchfield, too surpassed the $1 million figure in bug bounty reward. HackerOne recently released its 2019 Hacker Report, which surveyed over 3,667 hackers from over 100 countries and territories. According to the report, hackers have earned a huge total amount of $19 million from bounty payouts in the year 2018. HackerOne, which has over 300,000 white hat hackers registered on its platform, has paid over $42 million in bounties for more than 100,000 vulnerabilities submitted by the hackers.