Bug Bounty Policies 

Bug bounty policies are cost-effective ways for companies to identify vulnerabilities in their codes. These programs take advantage of the “gig economy” by employing freelancers in the security research department to find and report bugs. Findings indicate that researchers are driven by factors beyond money but factors like reputation and experience. These policies are beneficial to businesses of all sizes because revenue and brand profile do not significantly impact reports. However, while effective, bug bounty policies require further research to better understand the factors regarding program scope and bug security as well as influencing hacker supply.