2018 STATE OF BUG BOUNTY PROGRAMS

In the last few years, we’ve witnessed continued increase in the number of vulnerabilities. CISOs are in a crisis for resources. By 2020, there will be an estimated 1.5 million unfulfilled security positions.

Organizations are depending more and more on the crowdsourced security model to bring light to the vast number of emerging vulnerabilities unknown to most scanners -- helping companies realize their own vulnerabilities before the bad guys do. Bug bounty and vulnerability disclosure programs have the ability to bring together tens of thousands of the brightest minds in security research, to uncover seven times more high priority vulnerabilities than traditional assessment methods. The growing number of organizations across industries adopting bug bounty and vulnerability disclosure programs in the past year has made it clear that the crowdsourced security model is here to stay.

In its fourth iteration, the Bugcrowd 2018 State of Bug Bounty Report provides an unparalleled, inside look into the trends in crowdsourced security, and for the first time, a deep dive into the most common and emerging vulnerabilities found over the past year. 

You can access the report here.