This is a very unique way of finding bugs in systems, offering a bounty offers non-malicious incentive to hack systems and in return both sides win from this scenario. The paper finds that smaller bounty rewards still lead to similar numbers of bug reports meaning that smaller budgeted cybersecurity teams can make great results while not overspending. This is specifically great because a lower budget usually means less employees. The supplementation of ethical-hackers to basically help with low employee count means that systems can be reviewed by more people for a lower budget. It is also an easy way to find possible new employees. I believe Riot Games actually did a hack -> hire opportunity a few years ago. This just means that if you could hack their systems then you have a guaranteed interview.
Sources: https://academic.oup.com/cybersecurity/article/7/1/tyab007/6168453?login=true