Bugcrowd has always held education and sharing as a core value, which is why I’m very pleased to announce the release of our second annual State of Bug Bounty Report.
This 22-page document gives the reader an up-close and personal look at the evolving dynamics of the bug bounty market, and deeper insight into the early stages of the “unlikely romance” blossoming between hackers and organizations. Read the full report
As a follow-up to our first report, the document includes data around the trends we are observing as this market evolves; the spread of crowdsourcing into more traditional sectors, increases in payout averages, the shifts in researcher demographics across the globe, and the rise of the “super hunter.”
2015 was the year companies realized that, when it comes to cybersecurity, the pain of staying the same is exceeding the pain of change. This is helping companies realize that the only way to compete with an army of adversaries is with an army of allies. Even the most risk-averse industries are embracing, and successfully implementing, crowdsourced cybersecurity programs, and smaller companies are also making them a priority. This growth validates today’s reality: distributed resourcing approaches like bug bounty programs are the best tools to create parity with the adversary.
I hope you enjoy it. As I sit and read it, I’m insanely proud of my team, our customers, and of course the security researcher community that makes this all possible.