SAN FRANCISCO, — Bugcrowd, the #1 crowdsourced security platform, today released its latest Inside the Mind of a Hacker Report, providing insight on the demographics and motivations of the bug hunting community. This third annual report demonstrates that the growing prevalence of bug hunting opportunities has opened new inroads to cybersecurity careers, with 81 percent crediting their experience bug hunting for helping them get a job in cybersecurity.
“Bug bounties have impacted my life by teaching me skills that I didn’t know from doing traditional pentesting,” said Phillip Wylie, a top performing security researcher for Bugcrowd based out of Texas. “I really enjoy being involved in the security and hacking community and I now teach ethical hacking at a community college. It’s important to share knowledge in our community so we can push ourselves to be better.”
According to this year’s report, the Bugcrowd hacker community is a highly motivated group with 50 percent bug hunting on top of a regular nine-to-five job. They are focused on their infosec careers with nearly 32 percent wanting to be full time bug hunters, and more than 20 percent looking to be top security engineers or CISOs at large tech companies. While more than 80 percent have completed some form of higher education, with 25 percent completing or currently working on a graduate degree, nearly half (43 percent) are self-taught bug hunters who learned how to hack via online resources and blogs. The depth and breadth of this community is meaningful for an industry currently facing a massive skills shortage, with Cybersecurity Ventures predicting there will be 3.5 million cybersecurity job openings by 2021.
“Cybersecurity isn’t a technology problem, it’s a people problem – and in the whitehat hacker community there’s an army of allies waiting and ready to join the fight,” said Casey Ellis, founder and CTO at Bugcrowd. “Bug hunting is a perfect entry point for would-be infosecurity professionals to gain real-world experience, as well as for seasoned professionals to hone their skills and supplement their income. With cybercrime expected to more than triple over the next five years, bug hunting addresses the dire need for security skills at scale.”
In this 2019 Edition, Inside the Mind of a Hacker went beyond demographics, skill sets and motivations and for the first time examined gender inequality, security education, and a deep dive into the Bugcrowd Elite, MVP and Top 50 researchers.
Key findings include:
For a full copy of the report, please visit: Bugcrowd.com/inside-the-mind-of-a-hacker
Methodology
The Inside the Mind of a Hacker Report analyzes proprietary survey data, collected from more than 750 Bugcrowd security researchers around the world, segmenting for statistics around demographics, motivations, and hacker economics. In addition, the report analyzes proprietary Bugcrowd Crowdcontrol™ platform data, collected from hundreds of managed crowdsourced security programs, to generate up-to-date statistics around submitted vulnerabilities, bounty payouts, the Crowd performance. The survey data was collected in June 2018.
About Bugcrowd
Bugcrowd is the #1 crowdsourced security platform. More enterprise organizations trust Bugcrowd to manage their bug bounty, vulnerability disclosure, and next gen pen test programs. By combining the largest, most experienced triage team with the most trusted whitehat hackers around the world, Bugcrowd generates better results, reduces risk through remediation advice, and empowers organizations to release secure products to market faster — with no hidden fees. Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners. Bugcrowd. Outhack Them AllTM. Learn more at www.bugcrowd.com.