How much is a bug worth?
1Password recently raised its top bug bounty reward from $25,000 to $100,000. They increased the amount to further incentivize researchers, according to its blog. Separately Google paid out $3 million last year for its vulnerability reward program.
But how are these figures determined?
David Baker, vice president of operations at Bugcrowd, believes these big bounties demonstrate that organizations are really starting to think about the market and where the market is pricing vulnerabilities.