SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

     

Young Pros Eye Bug Hunting

November 15, 2017

The Inside the Mind of a Hacker 2.0 has provided insight into the demographics and motivations of the bug hunting community. The second annual report demonstrates that the growing adoption of bug bounty programs (up 77 percent over 2016) has provided increased opportunities for global professionals to earn a living through bug hunting.

“What motivates me? Contributing towards a safer cyber-world for everyone,” said Mongo, top performing security researcher for Bugcrowd. “The technical challenge aspect attracts me too. Looking for and finding different ways to ‘break’ things has a strange appeal.”

According to this year’s report, there is a fast-growing community of hackers helping combat cyberattack. Representing 216 countries (up 93 percent over last year), the Crowd is comprised of a group of young, educated (82 percent have completed some form of higher education) professionals. More than half hold full-time jobs, including penetration tester, security consultant, security engineer, or software engineer; while 19 percent are full-time bug hunters, up 26 percent over the previous year.

“With Bugcrowd, Atlassian’s security team adds more than 65,000 external cybersecurity researchers,” Matthew Hart, Security Engineer, Atlassian. “This highly capable community is constantly testing our products, using well-defined guidelines and a safe testing ground to perform their research.”

The 2017 report identifies data-driven trends among Bugcrowd’s community of more than 65,000 researchers. It also describes the five distinct profiles of security researchers: Knowledge Seekers, Hobbyists, Full-Timers, Virtuosos and Protectors.

Key findings include:

•Power of the Youth: 71 percent of bug hunters are 18-29 years old, up from 60 percent last year, indicating more hackers are getting an earlier start. Additionally, 82 percent have completed some form of higher education, with 16 percent holding a master’s degree or higher.

•Leveling-up is a priority: A majority (62 percent) of the Crowd invest their earnings from bug hunting back into their craft, spending it on security tools and training, and 36 percent are driven by professional development.
•Up for a Challenge: 44 percent of bug hunters ranked “the challenge” as a top motivator. They want to be among the security elite and get ahead of their peers.

•Opportunity driven: 27 percent of the Crowd hope to become a full-time bug hunter, giving them more opportunities to learn about different business models and hack on various technologies.

“The pace of innovation has exponentially grown the attack surfaces beyond the availability of capable cybersecurity professionals which has left organizations open to destructive cyberattacks,” said Ashish Gupta, CEO, Bugcrowd. “The best defense is a good offense. The Crowd fights fire with fire. Committed to helping global organizations identify vulnerabilities, this diverse community of talented security researchers identifies vulnerabilities before adversaries can, expanding security coverage for organizations and ultimately ensuring the safety of the Internet.”

Terms of Use | Copyright © 2002 - 2017 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement