HR professionals take note: look out for bug hunting skills in resumes.
It showed a growing prevalence for bug hunting that in turn is leading to new inroads in cybersecurity careers. According to the report, 81 percent credited their experience bug hunting for helping them get a job in cybersecurity.
"Bug bounties have impacted my life by teaching me skills that I didn't know from doing traditional pentesting," said Phillip Wylie, security researcher at Bugcrowd.
Bug hunting is already a lucrative side job for many. The Bugcrowd hacker community, for example, carry out 50 percent bug hunting on top of a regular nine-to-five job.
They are focused on their infosec careers with nearly 32 percent wanting to be full-time bug hunters, and more than 20 percent looking to be top security engineers or CISOs at large tech companies, said the report.
The depth and breadth of this community are meaningful for an industry currently facing a massive skills shortage, with Cybersecurity Ventures predicting there will be 3.5 million cybersecurity job openings by 2021.
"Cybersecurity isn't a technology problem, it's a people problem - and in the whitehat hacker community there's an army of allies waiting and ready to join the fight," said Casey Ellis, founder and CTO at Bugcrowd.
"Bug hunting is a perfect entry point for would-be infosecurity professionals to gain real-world experience, as well as for seasoned professionals to hone their skills and supplement their income. With cybercrime expected to more than triple over the next five years, bug hunting addresses the dire need for security skills at scale."
Other key findings include: