the hackers he relies on are from gcrowd, which uses from around the world to explosive fraud. he can decide to use a select few or the entire crowd, made up of thousands of hackers. >> there's always something that people have missed. that's because vulnerabilities are hard to avoid. >> reporter: the flaws range from trivial to major, it could expose secret data or remotely take over a self-driving car. >> the more impactful or severe it is, the more they get paid. >> reporter: it's not the only bounty startup. dozens of firms have launched their own programs. google hasaid more than $5 million to 900 researchers. largest pay out to date, 300,000 to a brazilian engineer who was later hired by the company. yahoo! has a relationship with thousands of hackers. google has a bug hunter university. m. pays student hackers in campus currency. some firms offer their staff incentives to track down bugs. according to ellis, those same works could also be a threat. >> the risk of inside hacking is real for anyone. they need to be thinking of what is an insider capable of, and what contro