Many big companies are showing their eagerness to pay for the bugs that are important to remove to run their businesses smoothly. Around $30,000 is paid to a particular vulnerability found in their system.
By using bug bounty program which helps to fix the company security system, hackers can earn around $900,000 annually as a reward. But only big companies can afford this amount and that’s why they are doing this.
According to the Hackerone’s data, they say that the biggest companies are willing to pay $900,000 to a hacker annually to find flaws in their system. Since the release of Bug bounty programs, it is predicted around 17 million dollars has paid to the hackers as they founded around 50,000 system problems.
If we calculate the average of the solving a problem it was estimated around $1,923. Yet, from the last year’s data, it was proclaimed that over $10,000 was paid for every of the 88 bug bounties. The top compensation was reached to the $30,000 add this is not given by the top company. Microsoft and Apple even gave around $100,000 as a reward to solve a flaw.
Most of the companies which will pay to the Hackers are the small companies which are around two third of the total market of the big bounty program and they will pay around $1,000 to $15,000 per bug. A Hacker only found the critical problems of the system and if a serious hacker is going to find a bug in their system which is already loaded with flaws the company will go bankrupt.
A problem or vulnerability is found and then solved, is not the actual game. Companies are increasing the reward values day by day so that the hacker feel encouraged to find more flaws. Google is the best example in this case, as their reward goes from $5,000 to $100,000 only in finding a bug in Chrome.
Hackers accepted that there most of the income source is only comes from the bug bounties and the percentage of hackers who are generating income from Bug Bounty Program are around 17%. Add 26% for hackers admitted that the majority of the income depends only in bug hunting. 9 of 10 of these hackers are below the age of thirty-four.
If we see the stats, the fastest income source of hackers has come from Hospitality and Travel Agencies. And when a bug is found, hackers get their pay after the eighteen days. Government companies took around sixty days for the payment. Around fifty percent of the payment is done when the bug is found and another half when the bug is solved.
The maximum number of companies which run bug bounties are tech companies and laterly, Government is also taking interest in this.