Bug Hunting: The Cyber security Skill of the Future


The majority of white hat hackers who reported to be in search of jobs in cyber security said that their hunt for bugs helped them land a job. This is according to 2018 Inside the Mind of a Hacker report by Bugcrowd.

White Hat Hackers and Bug Hunting

The report focused on the community of white hat hackers. This was to better understand the skill sets and career aspirations of over 750 security researchers. It discovered that 41 per cent of white hat hackers are self-taught. What’s more, 80 per cent of bug hunters said that their experience in hunting for bugs has helped them to find a career in cybersecurity.

“Bug bounties have impacted my life by teaching me skills that I didn’t know from doing traditional pen testing,” said Phillip Wylie, a top-performing security researcher for Bugcrowd based out of Texas in today’s press release. “I really enjoy being involved in the security and hacking community and I now teach ethical hacking at a community college. It’s important to share knowledge in our community so we can push ourselves to be better.”

“Cybersecurity isn’t a technology problem, it’s a people problem – and in the white hat hacker community there’s an army of allies waiting and ready to join the fight,” said Casey Ellis, founder and CTO at Bugcrowd in the release.

“Bug hunting is a perfect entry point for would-be info-security professionals to gain real-world experience, as well as for seasoned professionals to hone their skills and supplement their income. With cybercrime expected to more than triple over the next five years, bug hunting addresses the dire need for security skills at scale.”

Career Prospects

A career in bug hunting can be rather profitable. Research shows that the average total payouts for the top 50 hackers totalled approximately $150k. The average submission pay-out comes in at $783. While hackers are finding and submitting many bugs, 15 per cent of hackers wish to be a top security engineer at tech giants such as Google. However, only 6 per cent have the desire to someday be a CISO.

24 per cent of hackers only spend an average of 6 to 10 hours a week hunting for bugs. This could be due to the fact that over half of the white hat hacker community are hunting bugs on top of their regular full-time jobs.

Join us for ESRM 2019

Join us for Whitehall Media’s prestigious biannual 10th ESRM conference in March. This event will discuss how enterprises are identifying risks, measuring threats, establishing mitigation plans, managing incidents, and developing remediation practices. The event offers unrivalled networking opportunities and insights on how to design, implement and embed deliverable action plans that balance risk mitigation with the pursuit of business growth.

Share this post: