Bugcrowd has released the results of a new survey of bug hunters, individuals who obtain bug bounties by finding security vulnerabilities in software. In recent years, the number of companies offering bug bounties has grown considerably, but little is known about the group of people who attempt to earn these bounties. Here are some key findings from the survey:
- 41 percent of bug hunters have been participating with bug bounties for only a year or two.
- 46 percent of bug hunters have more than three years’ experience in IT security.
- The number one reason why bug hunters participate in bounty efforts is for “the challenge.”
- 71 percent of bug hunters are 18-29 years old.
- 62 percent of bug hunters reinvest their bug bounties in their own professional development or security tools.
- 82 percent of bug hunters have completed some form of higher education.