Back to team
Founder & CEO
Gal Nagli
Nagli is one of the world's leading Bug Bounty Hunters, having found critical bug automatically on over 500+ companies around the world, and have won a couple of Live Hacking Events.

About me

Gal Nagli is a one of the world's most successful Bug Bounty Hunters, Nagli started as a self taught Application Security Researcher who slowly developed his expertise in doing Bug Bounties, particularly with reconnaissance, automation and blackbox skills.

He managed to finish as the 5th Hacker in the world at HackerOne for 2021, he is also ranked as the 1st all time hacker in the Israeli leaderboard together with being ranked among the top 20 all time worldwide hackers in the platform.

Nagli constantly works together in collaboration with top tier hackers to find and exploit critical findings within some of the biggest companies around the world, doing so he managed to submit valid security misconfigurations to over 500 companies and big corporations, such as Apple, PayPal, Github, Indeed, Yahoo, Epic Games, Shopify, Atlassian, Zoom and many more..

Nagli is also an active researcher on Bugcrowd's platform and is ranked among the top 20researchers in their all time leaderboard, as he also won the best collaboration award in Okta's 2021 BugBash event and finish #1st on Indeed's Bug Bash Live Hacking Event on August 2022 in Las Vegas.

Nagli is a notable figure within the bug bounty scene by sharing writeups and tips on his twitter feed and personal blog, forming winning collaborations between top hackers and establishing a community that works together to make more Impact and improve the bug bounty experience for us as hunters and for companies as customers.

Nagli is thriving to deliver as much public speaking sessions about his findings and experiences doing bug bounties, with the recent ones has been speaking at GISEC 2022 Dark Stage about detecting and exploiting Grafana vulnerabilities, and in DEFCON29 AppSec Village about vulnerabilities in 3rd party integrations.

Background & Experience

  • 2016 - 2020: Nagli served as Cyber Security Specialist at the IDF Cyber Defense Division and was awarded certificate of excellence from the head of the IDF Cyber Defense Division while pursuing his B.Sc degree in computer science
  • 2021 - 2022: Nagli worked as AppSec all arounder on Cyber Security Startup
  • 2022: Nagli worked as Senior Product Security Engineer at Salesforce


  • Top 20 all time leaderboard
  • 1st on all time regional leaderboard
  • 5th Hacker In the world in 2021
  • 4th Hacker in the world in 2022
  • Top 20 all time leaderboard
  • Included 12 times on the global monthly top 10 leaderboard
Live Hacking Events
  • July 2021, Virtual - Bugcrowd's Okta Live Hacking Event - Best Collaboration.
  • March 2022, Dubai - Yogosha GISEC Live Hacking Event - 2nd place Individually, 1st place with collaboration
  • April 2022, Paris - YesWeHack Live Hacking Event - Critical Submissions
  • April 2022, Virtual - Paypal HackerOne Live Hacking Event - Best Collab on a report, 9th place finish
  • May 2022, Denver Colorado - H1-303 Live Hacking Event - First Critical Submission, 8th place finish
  • June 2022, Austin Texas - Github H1-512 Live Hacking Event - 7th place finish, Show & Tell, Most Creative Bug, Most Unique Bug
  • August 2022, Las Vegas Nevada - Indeed BugCrowd BugBash - 1st Place Winner.
  • September 2022, Barcelona - HackerOne H1-3493 - 4th Place finish.
  • January 2023, Orlando - H1-407 - 4th Place finish, Exterminator Award (Most Impactful Bug in the event)
Start using the Web Vulnerability Scanning product of the future.