Security News > 2020 > April > Full-time bug hunting: Pros and cons of an emerging career

Full-time bug hunting: Pros and cons of an emerging career
2020-04-07 07:36

The sheer number of bug bounty programs in existence and the fact that the bounties occasionally reach tens or hundreds of thousands dollars has, as a result, lead many a bug hunter to concentrate on searching for vulnerabilities as their only occupation.

For someone who already has a consistent, well paying job and maybe a couple of kids, bug hunting as a full-time occupation wouldn't be the best thing to just jump into, says Tommy DeVoss, a hacker from Virginia.

Santiago Lopez, a young man from Argentina who a year ago became the first bug hunter to earn over $1 million in bounty awards through the HackerOne bug bounty platform, pointed out that "Wasted time" is also something that a would-be full-time bug hunter has to take into account.

"I spend most of my hacking time in Verizon Media because I'm most familiar with it, but I also like to check out new private bug bounty programs. My favorite bug was the one for which I received the highest single day pay out on the HackerOne platform: I was able to bypass the protections of Verizon Media's blacklist, which allowed me to redo all the bugs I'd submitted from the previous months," he shared.

"Before making the switch to a full-time bug hunting job, it's important to have at least half a year or a year of experience as a part-time bug bounty hunter. You should also be in a financially solid position or be a young person that does not have many expenses."


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/rmGj1OG7QIE/