SAN FRANCISCO– November 14, 2017 — Bugcrowd, the leader in crowdsourced security testing, today released Inside the Mind of a Hacker 2.0, providing insight into the demographics and motivations of the bug hunting community. The second annual report demonstrates that the growing adoption of bug bounty programs (up 77 percent over 2016) has provided increased opportunities for global professionals to earn a living through bug hunting.
“What motivates me? Contributing towards a safer cyber-world for everyone,” said Mongo, top performing security researcher for Bugcrowd. “The technical challenge aspect attracts me too. Looking for and finding different ways to ‘break’ things has a strange appeal.”
According to this year’s report, there is a fast-growing community of hackers helping combat cyberattack. Representing more than 100 countries, the Crowd is comprised of a group of young, educated (82 percent have completed some form of higher education) professionals. More than half hold full-time jobs, including penetration tester, security consultant, security engineer, or software engineer; while 19 percent are full-time bug hunters, up 26 percent over the previous year.
“With Bugcrowd, Atlassian’s security team adds more than 65,000 external cybersecurity researchers,” Matthew Hart, Security Engineer, Atlassian. “This highly capable community is constantly testing our products, using well-defined guidelines and a safe testing ground to perform their research.”
The 2017 report identifies data-driven trends among Bugcrowd’s community of more than 65,000 researchers. It also describes the five distinct profiles of security researchers: Knowledge Seekers, Hobbyists, Full-Timers, Virtuosos and Protectors.
Key findings include:
- Power of the Youth: 71 percent of bug hunters are 18-29 years old, up from 60 percent last year, indicating more hackers are getting an earlier start. Additionally, 82 percent have completed some form of higher education, with 16 percent holding a master’s degree or higher.
- Leveling-up is a priority: A majority (62 percent) of the Crowd invest their earnings from bug hunting back into their craft, spending it on security tools and training, and 36 percent are driven by professional development.
- Up for a Challenge: 44 percent of bug hunters ranked “the challenge” as a top motivator. They want to be among the security elite and get ahead of their peers.
- Opportunity driven: 27 percent of the Crowd hope to become a full-time bug hunter, giving them more opportunities to learn about different business models and hack on various technologies.
“The pace of innovation has exponentially grown the attack surfaces beyond the availability of capable cybersecurity professionals which has left organizations open to destructive cyberattacks,” said Ashish Gupta, CEO, Bugcrowd. “The best defense is a good offense. The Crowd fights fire with fire. Committed to helping global organizations identify vulnerabilities, this diverse community of talented security researchers identifies vulnerabilities before adversaries can, expanding security coverage for organizations and ultimately ensuring the safety of the Internet.”
For a full copy of the report, please visit: https://bugcrowd.com/resources
Bugcrowd delivers the ultimate in security assessment for the enterprise. The pioneer and innovator in crowdsourced security testing for the enterprise, Bugcrowd combines the power of more than 65,000 security researchers and its proprietary Crowdcontrol platform to surface critical software vulnerabilities, and level the cybersecurity playing field. Bugcrowd provides a range of public, private, and on-demand options that allow companies to commission a customized security testing program to fit their specific needs. Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures and Salesforce Ventures. Bugcrowd is a trademark of Bugcrowd, Inc. Learn more at www.bugcrowd.com.