Skip to main content
  1. Home
  2. Computing
  3. News

Bugcrowd’s bug bounties grow 210 percent, with more than $2 million paid out

Jonathan Keane
By

google microsoft increase payouts in bug bounty programs
Jean Marconi/Flickr
Bug bounties are quickly becoming security best practice and no longer considered a novelty, according to Bugcrowd’s second annual State of Bug Bounty report.

The research from the bug bounty platform company shows it has paid out over $2 million in bounty rewards as of March this year and the number of bug bounty programs running on its platform has increased some 210 percent since January 2013.

Recommended Videos

Most interestingly, more and more larger corporations are turning to bug bounty hunters. Large companies, with 5,000 or more employees, now account for 44 percent of Bugcrowd’s bug bounty programs. It’s not just tech companies either, there’s been a swell of “traditional” industries like banking and retail that have turned to the crowd for security help.

Related

The company credits the growth in bug bounty researchers to the explosion in cyberattacks in recent years, coupled with a skills shortage in the security industry.

As a result, bug hunters have seen a 47 percent increase in the reward figures over the last year. In the first quarter of this year, Bugcrowd’s average payout was $505.79. The all-time average is $294.70, up from $200.81 last year.

As of March, Bugcrowd said it has paid out $2,054,721 through 6,803 valid submissions. Researcher Reginaldo Silva remains the highest paid bug bounty hunter to date, having received $33,500 from Facebook for an XML external entities vulnerability. He is now a security engineer at Facebook.

Researchers from 112 countries make up Bugcrowd’s bug hunter roster with submissions from India accounting for 43 percent of users with the U.S. in a distant second at 13 percent. However, when it comes it actual money paid out, India remains on top but Portugal comes in second with the U.S. at third.

Bugcrowd’s report also shows the growth of so-called “super hunters”, which are often dominating the number if payments made through bug bounty programs. These are security researchers that have turned hunting bugs from a hobby into a full-time job. Bug crowd’s top 10 researchers account for 23 percent of money paid out.

Cross-site scripting (XSS) remains the most frequently occurring bug, 66 percent of valid submissions, with cross-site forgery requests (CSFR) bugs also common at 20 percent.

The data for the report was collected from programs run on Bugcrowd’s platform, as well as from surveys on hundreds of security researchers and professionals. The research was conducted between January 2013 and March 2016.

Bug bounty programs and crowdsourced cybersecurity are leveling the playing field for companies and researchers by creating mutually beneficial relationships, said Jonathan Cran, Bugcrowd’s vice president of product.

“2015 was the year companies realized that, when it comes to cybersecurity, the pain of staying the same is exceeding the pain of change,” said CEO Casey Ellis. “This tip is causing companies to realize that the only way to compete with an army of adversaries is with an army of allies.”

Editors' Recommendations

Topics
Jonathan Keane
Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
How to delete messages on your Mac
A MacBook and iPhone in shadow on a surface.

Apple likes to make things easy for its iPhone, iPad, and macOS devotees. When signed in with the same Apple ID on more than one of these devices, you’ll be able to sync your messages from one Apple product to the next. This means when you get a text on your iPhone, you’ll be able to pull it up through the Messages app on your Mac desktop.

Read more
The best laptop brands for 2024
best laptop brands hp spectre x360 13 2021 1

If you like to write, browse, game, or work in different parts of your home or office, one of the best laptops is a necessity in 2024. There are many to choose from, but you can first narrow your options by looking at laptops from the most established and respected brands.

Here's a list of the best laptop brands in 2024 to get you started.
Dell

Read more
Amazon deals: TVs, laptops, headphones and more
iPad Air on a white background.

Amazon is one of the most popular retailers on the planet. It has almost anything and everything you could hope to shop for, and that includes tech like laptops, headphones, TVs, and even devices made to make life around the home a little easier. And whether you’re shopping for one of the best smart home devices or something more tailored to work or play, Amazon always shows up with ways to save. Right now it has a ton of laptop deals, TV deals, headphone deals, and more to shop. We’ve walked down the aisles of Amazon and picked out what we feel are some deals worth shopping, so read onward for more details.
Vizio 50-inch V-Series 4K smart TV — $223, was $360

The Vizio V-Series 4K Smart TV amazing picture quality for its price point, as well as a wide variety of smart features. It has an IQ Active Processor that delivers superior picture processing. This processor also enables the TV to upscale all of your favorite HD content into 4K quality as you watch. This TV also features a gaming engine that makes gameplay more responsive with less lag and a high refresh rate. This is something to consider if you’re a gamer and somebody who likes to watch fast-paced content such as sports and action movies.

Read more