Abstract
Bug bounty programs are a great way for companies and organizations to help keep their systems and information secure; however, there are only a limited number of white hat hacking participant spots. With only so many seats available at the table, being able to determine the most qualified group of individuals is critical to the efficiency of the program at large. Digital natives, people born into the digital age, provide an instinctive approach when dealing with technology. On the other hand, digital immigrants, people who grew up before the digital age and had to adapt to new technology, evidently utilize experience. This paper focuses on the observation and analysis of each group’s ability to identify critical inconspicuous vulnerabilities within presumably attack proof products. The goal was to identify how the younger generation’s ability to utilize technologies in unanticipated ways could provide security insights often overlooked by more experienced security professionals. We present members of each group six different newly released tech products asking them to, without effort, identify an uncommon usage and vulnerability for each. Their responses are then scored based on classification. After careful classification and analysis, it was determined that millennials with a technical background were the ideal candidates.
Document Type
Paper
Disciplines
Information Security
DOI
10.25776/qs9c-9x93
Publication Date
10-2020
Upload File
wf_yes
Included in
The Hidden Advantage Among Digital Natives within Bug Bounty Programs
Bug bounty programs are a great way for companies and organizations to help keep their systems and information secure; however, there are only a limited number of white hat hacking participant spots. With only so many seats available at the table, being able to determine the most qualified group of individuals is critical to the efficiency of the program at large. Digital natives, people born into the digital age, provide an instinctive approach when dealing with technology. On the other hand, digital immigrants, people who grew up before the digital age and had to adapt to new technology, evidently utilize experience. This paper focuses on the observation and analysis of each group’s ability to identify critical inconspicuous vulnerabilities within presumably attack proof products. The goal was to identify how the younger generation’s ability to utilize technologies in unanticipated ways could provide security insights often overlooked by more experienced security professionals. We present members of each group six different newly released tech products asking them to, without effort, identify an uncommon usage and vulnerability for each. Their responses are then scored based on classification. After careful classification and analysis, it was determined that millennials with a technical background were the ideal candidates.