‘Bug bounty’ helps techies make a killing amid Covid lockdown

11 months ago 48
google news Flipboard

AHMEDABAD: The Gandhinagar resident is part of a growing tribe of highly skilled programmers who can scan codes to detect vulnerabilities. Nikhil Srivastava, an Ahmedabad-based cyber security expert and mentor, said bounty hunting could be highly rewarding if gigs are offered by giants such as Google, Apple, Microsoft and Amazon.
“It’s a win-win deal for companies and experts,” said Srivastava, who made $35,000 (about Rs 26.7 lakh) over the past three months. “Companies benefit from the scrutiny of hundreds of experts,” he said. “If the bounty is significant, thousands join the hunt for security problems and other glitches. The experts benefit from huge monetary rewards and sometimes other perks.”
When the payouts are so high, why hasn’t the field attracted more full-time security experts? Paresh Parmar, a programmer from Ah-medabad and a full-time bounty hunter, said th-ere could be fewer than 100 like him in Gujarat. “For starters, it’s a fi-eld demanding high skills, where programming and coding patterns change periodically.”
According to Parmar, the job entails consta-ntly scanning for new bounties on platforms such as HackerOne, Synack, Bug Crowd and Cobalt. “During the lockdown, I had to hunt for more bounties as rewards had shrunk,” he said.
Online fame as a “top hunter” is the big-gest lure for the young because reputation breeds money. Jenish Sojitra, a BTech student from Rajkot, earned more than $50,000 (approximately Rs 38 lakh) in bounties during the lockdown. “Nowadays, crypto programs and platforms pay huge sums for bounty hunting,” he said. “I also won bounties for identifying issues with application program interfaces (APIs). I got another reward for diagnosing a problem in an Internet of Things (IoT) device.”

  1. Homepage
  2. India