Remember the old saying, “One mind is good, two are better”?
She talks about the value of collective thinking and collaboration, recalling that working together and sharing ideas lead to the best results. The words of this popular wisdom perfectly illustrate how the program, which is called bug bounty, works. In this article, we'll tell you more about this ideal way to generate income for bughunters. And if your child is also interested in all things coding, welcome to Progkids!
Who are bughunters?
These are experts who search for “gaps” or bugs in software and digital products. The task of bughunters (from English. “bughunter”) — find a system vulnerability before it is discovered by cyber “evil”.
What is bug bounty?
Bug bounty is a program in which large organizations offer rewards for finding vulnerabilities in their software, websites, or systems. This practice allows companies to improve the security of their products by involving a community of “white” hackers who use their super skills for good.
The story of bug bounty
The bug bounty idea came from Jarrett Ridlinhafer, who worked as a technical support engineer at Netscape Communications Corporation. In 1995, the company launched the first official bug bounty program for the Netscape Navigator 2.0 browser, offering a good cash reward for finding software vulnerabilities.
In the early 2000s, this practice began to spread actively among large technology organizations. Google and Mozilla were among the first corporations to launch their own bug bounty programs.
Why would hackers need this?
First of all, they get a good reward for their work. Its size often varies depending on the severity of the software “hole” and its potential impact on the system. Secondly, hackers can get unexpected “goodies”. For example, they might be invited to a good position in an organization they found vulnerable. This is what happened to Twitter creator Jack Dorsey. The guy got his first job after finding a “hole” in the code of a large New York company.
Thirdly, hackers just enjoy looking for bugs in systems =)
Benefits of working as a bughunter
Financial “goodies”
Participating in a bug bounty can be a good income.
Great skill upgrade
Working as a bughunter requires constant training and improvement of cybersecurity skills. The more you do it, the better you get.
+100 to karma
Bug hunters help improve the security of digital products by protecting users from potential threats.
How does bug bounty even work?
A large company is launching a bug bounty on its website or on a special platform. Bug hunters study the terms of the program and start searching for vulnerabilities. When a problem is found, they send a report on it through a special form. If the “hole” is confirmed, the hacker is rewarded.
Why do companies love bug bounty?
We're safe
It is clear that the more specialists the organization attracts, the more bugs they will find.
We need to save resources
Companies save large amounts of money by not hiring security specialists on staff.
Let everyone see we care
Open programs show customers and users that the company takes security issues seriously.
Bug bounty Facts
#1 Bug bounty programs can be public (available to everyone) or private (limited to a certain number of participants).
#2 There are convenient specialized platforms that help companies launch bug bounty and help bug hunters report vulnerabilities.
#3 In 2013, a computer science student found a “flaw” in Facebook that allowed anyone to post videos from someone else's accounts. He wanted to get a bug bounty, but something went wrong and the guy, as they say, was left empty-handed. In retaliation, the student posted a video on behalf of Facebook CEO Mark Zuckerberg.
#4 Most bughunters live in India.
#5 There was a time when Yahoo! paid bughunters... with branded t-shirts!
The future of bug bounty
As technology advances and cyber threats increase, bug bounty programs will continue to play a key role in securing digital products. They are already becoming increasingly popular not only among large organizations, but also among startups and government agencies.
For those who want to become a bug hunter and develop their cybersecurity skills, it is important to have good programming knowledge. Does your child want to learn the coding base and more? Then write it down to free trial lesson at Progkids!
