Justin DeLoach
31 March 24
From my understanding the primary goal of the article was to introduce the policy of bug
bounties in order to help flesh out the holes in the cybersecurity framework that had
already been developed. By doing so they were able to identify the multiple
vulnerabilities and, in relation to the incentive theory, be able to be paid to essentially
break into the available network. There were a couple of interesting findings from the
article, the first being that the hackers didn’t really stretch the payment incentive that
was offered to them. It seemed that the hackers were generally just happy to be able to
go on these bug bounties in the first place. This relates to the theory that is rational
choice. This basically states that the reason they were not inquiring on higher pay is
because they were able to weigh the pros and cons of attempting to obtain the bug
bounties. And upon realizing that, for the gray and white hat hackers, there was no true
con that stopped them from wanting to exploit those vulnerabilities and retrieve payment
for doing so.