Request a Demo Contact Us
Bugcrowd Named a Leader in GigaOm’s Pen Test as a Service Report
Read Now

Defensive Vulnerability Economics

Defensive Vulnerability Economics


There are two reasons to buy details around a vulnerability: to kill it, or to exploit it.

The offensive vulnerability market has been quietly maturing for many years now, but with the explosive adoption of bug bounty and other crowdsourced security programs over the past several years, there has been a flood of new data around the market models.

There is always going to be a premium out there for black hats, so what is going to motivate the white hats to get in front. The more difficult you make it to find a bug and if there is an offensive buyer you drive the value up.

Join Bugcrowd Founder, chairman and CTO Casey Ellis and Kevin Gosschalk, CEO of Arkose Labs for a discussion on:

  • The evolution of the offensive vulnerability market
  • Contrasting the economic incentives between defensive and offensive purchase
  • Quantifying the actual value of vulnerabilities across different target
  • The importance of this model, for both customers and hackers

More resources


Salesforce Object Recon with B3nac

Learn More

Pen Testing as a Service Product Review

Read More

Bridging the Gap Between Developers and Security Teams

Watch Now

Get Started with Bugcrowd

Every minute that goes by, your unknown vulnerabilities leave you more exposed to cyber attacks.