Meet the modern software tester: Bug hunters profiled

Young men predominate as bug hunters, many of whom are gamers, work in IT or security, and have studied computer science.

Ethical hacking was once the pursuit of security researchers who wanted something to present at their next conference, or lone wolves who enjoyed the thrill of the chase (but not the threat of prison).

Today, ethical hacking has become big business in the form of bug hunting. More and more companies—from the likes of Microsoft and Google, industries giants such as GM and Uber, and even US government agencies such as the Army and Air Force—now run bug-bounty programs and competitions.

Startups such as Bugcrowd and HackerOne that facilitate bug-bounty programs claim hundreds of thousands of ethical hackers on their platform between them, all ready to help check the security posture of an organization and make a buck or two in the progress.

So, who are these ethical hackers?

Both HackerOne and Bugcrowd have released demographic reports outlining who their hackers are. Bugcrowd claims 80,000 researchers on its platform, HackerOne just over 160,000.

“In general, members of our community are young males, ages 17 to 25,” says David Baker, CSO of Bugcrowd. “A lot of them have college degrees and work in security industry. A gaming background is huge draw because, once people realize this game model to engage in where they can hack companies and get paid for, it is fun for them.”

To continue reading this article register now

How to choose a low-code development platform