India Is World Number 1 At Bug Hunting, Followed By The US

India’s had a pretty miserable time at the Rio Olympics having won fewer medals than counties like Kazakhstan, Kosovo and tiny Fiji, but there’s something the country is good at. While India might not be making its mark in sporting prowess, it’s doing really well in a a strange field – bug hunting. 

Bug bounty hunting is the process of finding and reporting  security errors or vulnerabilities in popular applications software programs or company websites for a fee. Several high profile companies, including Google, Facebook and Apple have bug bounty programs in which they give ordinary people large sums of money for reporting errors in their software. 

And Indians seem be right at the forefront. According to a report by BugCrowd, India ranked first worldwide in the number of such bugs submitted and the money paid out. Indians contributed to 43% of total submissions and 35% of the total money paid out. It was no. 1 in both categories. 

Screen Shot 2016-08-19 at 11.47.15 AM

India was followed by Portugal, United States and United Kingdom in the amounts won by bug hunters.

When asked which technologies they had intermediate to advanced skill in, 95% of respondents felt they had intermediate or advanced knowledge of web application testing, 48% in Android, 28% in iOS and 15% in IoT. While the Bugcrowd community is made up of security researchers with expertise across numerous technologies, accessibility, complexity and opportunity contribute largely to these responses.

While these bug hunters might not earn the plaudits in mainstream media, the amounts paid out are not insubstantial – a Flipkart employee recently won $15,000 (around Rs. 10 lakh) from Facebook for reporting a single vulnerability. Several Indians have become bug hunting professionals, and use bug hunting as their primary source of income. The best aspect of these programs is that they’re open to anyone – you don’t need degrees or professional experience to participate. A 10 year old Finnish student recently was awarded $10,000 for reporting a bug on Instagram. 

Security issues may be a huge issue for the world’s biggest companies, but they sure double up pose as lucrative income opportunities for some techies.