What does a bug researcher look like?
What kind of people spend their time looking for software bugs? Crowdsourced testing company Bugcrowd has released a report looking at how its community is made up that might give you a clue.
Bugcrowd researchers come from all over the world, as of September 1, 2016, the United States (29 percent) and India (28 percent) had the most sign-ups, followed by the United Kingdom on six percent.
Almost 60 percent or researchers are aged under 30, and 34 percent are between 30 and 44. Only 25 percent are full time bug hunters, others do it as a secondary job or as an adjunct to their studies. The company categorizes them into five groups: knowledge seekers, hobbyists, full-timers, virtuosos and protectors.
Motivations for these groups vary, for some it's about the thrill of the hunt, for others it's about money from bounties, or a path to a career in the IT security industry. Bugcrowd offers both public and private programs and 86 percent of users say they participate in both. However, those participating in private programs tend to be more experienced, many companies therefore start with a private test before opening it up to a wider pool of researchers.
"At Bugcrowd, we see it as part of our responsibility to understand and support the community of researchers, and it is our hope that by exposing the broader audience to the nuance and diversity present in this community, we can help grow the overall market opportunity for researchers all over the world," says Sam Houston, senior community manager at Bugcrowd. "While we don’t see this as an all-inclusive report on the security researcher community, we do believe this an exciting frst look at bug bounty hunters, some of their motivations, and the factors in play when they choose the bug bounty programs they work on".
You can find out more about the research community in the full report which you can get from the Bugcrowd website.
Image credit: olly/Shutterstock