The year in review – ‘Record bug bounty payouts demonstrate the value companies see in the industry’

By Anna Hammond

December 15, 2022

The year in review – ‘Record bug bounty payouts demonstrate the value companies see in the industry’

As 2022 comes to an end, the Intigriti team looks back on another year of firsts for the global crowdsourced security industry.

A note from the CEO

“As we close out 2022, the global bug bounty industry has continued to experience strong growth, despite the challenges posed by the market downturn and other unforeseen events.

More and more businesses are recognizing the value of crowdsourced security testing, and bug bounty programs have proven to be an effective way to identify and address potential vulnerabilities.

The need for organizations to be prepared for the unexpected has never been greater, and the events of the past year have shown us that we must be ready for whatever challenges may come our way.

At Intigriti, we have seen first-hand the power of collaboration in driving the success of our platform and community. We are proud to have expanded our global team and community of researchers, launched new public and private programs, and introduced innovative features like our Hybrid Pentest and live hacking services.

In 2022, we have paid out triple the amount in bounties compared to the previous year, and the average bug bounty payout has nearly doubled. This demonstrates the increasing value companies are receiving from bug bounty programs, and we are committed to helping businesses of all sizes tap into the benefits of crowdsourced security testing.

Looking ahead to 2023, we are excited about the opportunities and challenges that lie ahead. We remain committed to helping businesses of all sizes enhance their security posture, and we are confident that the bug bounty market will continue to grow and evolve.

As we move forward, we are dedicated to pushing the boundaries of what is possible in the world of bug bounty and infosec. Thank you for joining us on this journey.”

–Stijn Jans, Intigriti Founder and CEO

Bug bounty workforce growth

It’s been a changeable year for the global tech jobs market. Still, while it appears to be shrinking in some areas (Twitter and Meta being two notable companies that reduced their headcounts in 2022), the latest cybersecurity workforce study from industry organization (ISC)² indicates that the global cybersecurity workforce is now 4.7 million people – the highest it’s ever been.

As with the wider information security industry, bug bounty hunting remained a popular business in 2022. Our Ethical Hacker Insights Report found that a growing number of respondents considered bug bounty a full-time career, while 96% said they would like to dedicate more time to bug bounty hunting.

The biggest draw for hackers is the potential financial return, cited by nearly half of respondents, along with the ability to work anywhere in the world, the ability to work alone, and the chance to outsmart cybercriminals.

Currently, more than half of bug bounty hunters are also in full-time employment elsewhere, and around a third are students. More than one in five, though, receive more than a quarter of their total income from bounty payouts.
 

JOIN THE TEAM: Interested in learning more about opportunities at Intigriti? Visit our careers page to see the latest openings
 

Driving more female hacking talent

It’s well known that there is a shortage of female tech talent. Being part of this world, we understand this as much as anyone. Within the bug bounty community alone, around 95% of hunters are male – but we’re trying to change that.

Intigriti is helping to diversify the industry and influence the next generation of female security talent by bringing those already defying stereotypes to the forefront.

This year, we donated all our sponsorship money from our virtual bug bounty conference, 1337UP Live, to Women in Cybersecurity (WiCyS), a non-profit industry organization.

Live and kicking

As the world started to open up again following the pandemic, 2022 saw some of our most significant live hacking events to date.

In August, Yahoo! hosted its first in-person live hacking event for more than two years. With over 217 submissions and $240,000 paid out in bounties, the on-site Intigriti triage team had plenty to do!

The event was a resounding success. It even included a go-karting escapade and, for a lucky few, a trip to the Formula One Grand Prix in Belgium.

Back in November 2021, enterprise software giant Visma held its first live hacking event in partnership with Intigriti.

After the event contributed towards key refinements in the Norwegian company’s security posture, Visma continued with a similar event this year.

Live hacking events offer a fast, intensive testing period in which an asset is picked apart by some of the most expert members of our hacking community. The ‘buzz’ created at live hacking events makes for a vibrant atmosphere where together companies and hackers can have a huge amount of fun. 

Intigriti company highlights in 2022 

No year is ever the same in the world of crowdsourced security, and Intigriti’s growth over 2022 was a whole new chapter in our journey.

Here are some key developments that happened for us over the last year:

Global growth

The funding continues to enable expansion to our business and team. In 2022 we grew to nearly 100 employees at Intigriti. But we’re just getting started. In 2023 we intend to grow the Intigriti family even further, so visit our careers page to see the latest opportunities.

Tracxn Minicorn award 

The Tracxn Soonicorn Awards is an initiative by Tracxn to publicly recognize and acknowledge the best companies across geographies and sectors. In the category of ‘Minicorns’, they pick out companies they believe have the potential to go on to claim the reputation as a unicorn. Intigriti were thrilled and proud to be included in this category! 🦄 

Series B funding

Another highlight this year was our Series B funding round, where we raised over €21 million. The largest funding round for a crowdsourced security platform in Europe to date, it was led by Octopus Ventures, with EnBW New Ventures and ETF Partners also playing a key role.

Hybrid Pentest launch

2022 saw a bold new addition to our product line-up: Hybrid Pentesting. If you are still unfamiliar, Hybrid Pentesting uses a cost-efficient and scalable ‘Penetration Testing as a Service’ model that allows you to access the expert skills of our ethical hacking community.

The Intigriti Trust Centre 

Also released in 2022 was Intigriti’s Trust Center, a live dashboard connected to our platform that displays our security posture in real-time while also providing all relevant security resources and documentation. Check out the Trust Center itself, where we take the stance that transparency on your security is everything.  

Community events and team socials

Being part of the Intigriti team is more than just being at the forefront of ethical hacking. Over the past 12 months, we’ve had the pleasure of participating in dozens of community and social events. Here are a few highlights from the year:

IntigriTREE

In Q1, we ran the IntigriTREE exercise challenge, where we promised to plant one tree for each day an employee exercised.

The results were incredible, with us donating 775 trees to #TeamTrees.

‘Out-of-Scope’ Mallorca Trip 

‘Disconnect to connect’ was the theme of this sunny getaway to Mallorca back in May. In a fast growth environment like at Intigriti, it’s vital to maintain the human element behind the business.

Our Mallorca trip consisted of high-octane activities and deep relaxation, with the key takeaway simply being that we are blessed to have such a fun family. 

Movember

The Intigriti team got moving for Movember 🏃‍♀️🚶‍♂️ We promised to donate €1 for each kilometer they moved. We’re proud to say our our team raised €1.461 to the Movember foundation!

While we may be coming into the holiday season, we’ll be continuing to keep you updated on the latest topics and trends, so keep an eye on our blog!

You may also like