hakluke@~

Are bug bounties cooked?

Five years ago, a critical bug was rare and expensive to find. AI changed that overnight. What the quartz crisis in watchmaking reveals about hacking's future.

This blog was written by hand without any AI assistance. Does that make the blog more valuable? I'm not sure. And that's kind of what this blog is about.

I'm in Kuala Lumpur at the moment. It's insanely humid here, so air-conditioned shopping malls are like magnets, and I'm like Iron Man. Luckily there are loads of malls here. The bigger ones are crammed with luxury brands. I caught myself ogling some nice watches through a shop window; the salesperson noticed and commented on my trusty Casio. "Time for an upgrade?"

Then he started talking my ear off about the history of mechanical watch mechanisms vs. quartz. My ears pricked up - he was describing exactly what's happening in the bug bounty space right now.

For about 400 years, a handful of craftsmen in Switzerland dominated the watchmaking game. Back then, it was really difficult and expensive to make a watch that kept time accurately. They used a complex arrangement of gears, weights and springs, assembled by hand. Then, around the 1960s, the "Quartz Revolution" (also known as the "Quartz Crisis", if you were a watchmaker) took place. Someone figured out that a quartz crystal vibrates at a precise frequency when you run electricity through it. This precise frequency could be used to keep time with far more accuracy and almost no moving parts. Importantly, it could also be mass produced at a fraction of the cost of a handmade Swiss watch mechanism.

The Swiss actually invented this method, and even made the first quartz watch prototype, but they didn't think it would ever take off, so they shelved it. Seiko Japan got wind of this and shipped the first commercial quartz watch in 1969, called the "Astron". Almost overnight, a whole bunch of generational Swiss watchmakers went out of business, and artisan watchmaking became virtually extinct.

Except Swatch. They went head-to-head with Seiko by releasing a small, fun, plastic quartz watch and it did very well. They realised that quartz watches were the new norm, and they adapted to the times by producing them instead of mechanical watches.

Today, mechanical watches are not sold for their accuracy, but they are still sought after for their artistry, heritage and meaning. In some circumstances, they are also still preferred for practical reasons; they don't need batteries and they tend to last longer, often passed down through generations.

So to put it all together: A complex art form (watchmaking/hacking) was automated cheaply (quartz/AI). A bunch of artists (watchmakers/hackers) were suddenly out of a job, but the ones who adapted (Swatch/AI innovators) excelled. The art of watchmaking (or manual hacking) is still prized for niche purposes, but the primary purpose of the art form (keeping time accurately / finding bugs) was replaced by a better technology (quartz/AI).
I'm one of the watchmakers. There's a part of me that misses how hacking used to be, before AI. Don't get me wrong, I love AI. It makes me more productive, and I use it extensively every day, for hacking and for everything else, but I can't help feeling like a beautiful art just got automated.

It doesn't really matter how I feel though - AI is here to stay.

Bugs: Supply vs. Demand

Five years ago, a critical bug was genuinely hard to find. It took years of intuition-development, a deep mental model of a target, and a few tricks you'd developed yourself. The number of people who could reliably find a critical bug in a hardened bug bounty target was small, and that scarcity was the product. Programs paid well because they were renting a rare kind of hacker brain.

Now, many of those same bugs are findable by almost anyone with basic hacking knowledge and a frontier model subscription. Bug discovery suddenly got cheaper, faster, and easier, and the moment something gets cheaper, faster, and easier, supply goes up.

Demand, meanwhile, hasn't changed. Companies need the same number of bugs fixed as before. Supply increases, demand stays the same, the value of a bug plummets. That's not the whole story though.

AI Can Replace Most of What Hackers Did

From my own bug bounty hunting, conversations with top hunters, and just keeping up with the field, I can tell you that a huge chunk of bug bounty submissions now are bugs that were found by AI automation, either partly or completely. And as models get more intelligent, the need for clever harnessing is diminishing. A year or two ago my AI bug-finding setup involved a complex harness to keep things on track. Now I'm finding that the frontier models without any harnessing are more effective because they have the freedom to "follow their nose" intelligently, the way a human hacker would. The frontier models have gotten so good that you can roughly point one at a program, say "find bugs in this," and it will. They still require validation though, and they perform better with some guidance from someone who knows what they're doing.

We've seen a similar thing play out before in bug bounties. When EASM tooling got popular, the hackers who automated finding bugs at scale cleaned up, right until everyone started doing it and then it became less profitable. AI is that same thing happening again on a larger scale.

Recent Bug Bounty Platform Drama

If you follow the bug bounty space, you've probably seen the drama play out on X. HackerOne announced Agentic PTaaS, and Bugcrowd announced "Savant". The hacker community has two main fears:

1) That these products are trained on hackers' submission data.

2) That these AI products will be used to quietly clean up bugs before hackers get access to bug bounty programs, shrinking the bounty pool available to hackers.

HackerOne has stated flatly on the CTBB podcast (and in social posts) that they don't train generative models on researcher submissions, drawing instead from public CVEs, benchmarks, and opt-in runs. Some hackers were satisfied by this, others didn't believe it.

My take is going to be unpopular: it doesn't matter. It doesn't matter whether they're using submission data to train models, and it doesn't matter if they use an AI solution to clean up bugs before hackers get access.

Most hackers don't have any secrets in their bug bounty submission data. Bug bounty hunters are almost exclusively using techniques that are well documented and that AI already knows about anyway. Either that, or they're finding business logic bugs that are only applicable to one target. If the hacker does have some secret sauce, it is typically part of their methodology rather than the actual submissions, so that type of data wouldn't make it into training anyway. Many bug bounty hunters were already keeping their methodology close to their chest before AI came along, for fear of it being stolen by triagers and program owners (which it occasionally was!).

And the frontier models don't really need extra training data. They're already good at finding bugs, and they keep getting better.

Then there's the other fear - that platforms will use their own proprietary AI scanner to clean up bugs before the program is released to hackers. Does it really make a difference if they do this? Whether they do or don't, bug bounty hunters are already competing against AI. The internal security teams of programs are already running offensive AI products on their attack surface. TodayIsNew and 20 other top-tier hackers have already unleashed their automation setups before you got invited. XBOW, Ethiack, Penligent and a billion other offensive AI startups are already testing their products on bug bounty programs too. BB hunters are already competing with the best AI pentesting solutions in the world. Whether that has the HackerOne/Bugcrowd logo on it, or some other logo, makes very little difference.

The odds have always been against bug bounty hunters and we have always found bugs anyway, because that is the nature of hacking. Our job is to find things that are not supposed to even exist. Programs always try to be perfectly secure, yet there are always more bugs to find. This isn't about to change.

I wouldn't want to be running a bug bounty platform right now. The offering that they have spent so much effort marketing, access to human hackers, is about to get far less valuable. Not because AI will suddenly remove the need for human bug bounty hunters, but because some program owners will have the perception that this is the case. Sometimes, perception matters more than reality. It's true that program owners can suddenly replicate a meaningful chunk of a bounty program's success by simply pointing AI at their own attack surface, the same way many hackers do. It will feel cheaper, faster and easier to them. But it won't be as good as a roomful of top 0.1% hacker humans with their deep experience (and their own AI setups), it just never will be. Partly because those same hackers will have access to the same models, but will be wielding them with more finesse. If two people have the same sword, but only one is good at sword fighting, who wins?

The Case Where Bug Bounties Actually Will Suffer

There is one case where I fear bug bounties actually could suffer due to AI.

A huge part of what makes bug bounties so special is the diverse range of intelligence you get due to the equality that is built into the system. Two hackers from completely different backgrounds have basically the same opportunity to succeed, as long as they have access to a decent computer and internet. There are stories of top bug bounty hunters who started out finding bugs with an old phone and pure persistence. Programs don't care who you are or where you're from - if you submit a critical vulnerability first, you get paid for it. The differentiator is mostly just skill. This is what allows bug bounty platforms to uncover the most talented hackers in the world - it's purely data driven and based on merit.

The thing that worries me about AI tooling is that it's expensive (for now). Most of the top bug hunters I know are spending hundreds to thousands of US dollars per month on AI tokens to augment their hacking abilities. If that's what you need to spend in order to enter the arena, then a lot of the future talent will simply never get the opportunity to start. I worry that this would narrow the bug bounty talent pool over time, to the point where bug bounties would no longer be worth it.

You can already see this phenomenon in other disciplines - like sport. It's possible for a pro football (soccer) player to come from a disadvantaged background because all you need to get good at football is a football. That's why you see many rags-to-riches stories in the Premier League. On the other hand - you don't see many F1 drivers coming from poor backgrounds, because motorsport is so brutally expensive to get into. There might be people whose natural talent outweighs Max Verstappen's, but they never even got the opportunity to step into a go-kart. I would hate to see this happen to bug bounties!

Let me make this clear - part of the reason that a room full of top bug bounty hunters can still find a stack of critical bugs in a hardened target is because they bring diversity in their methodologies, skillsets, and thought patterns. If offensive security efforts are limited to a single LLM, without any steering from humans, then you are effectively relying on a single brain. A very smart brain, perhaps the smartest ever, but just one. It will never bring the diversity of 1000 human brains, which is part of the reason that it could never completely replace humans. It's important that bug bounties remain accessible to everyone.

Asymmetry

There has always been an asymmetry between attackers and defenders. Defenders need to thwart every attack, attackers only need to be successful once. AI currently doesn't solve this, because attackers get access to the same capabilities as defenders, and they're using it with great success. I would even argue that current AI capabilities are better for attack than defence, which tips the scales even further in favour of the attackers (and the bounty hunters).

Attackers also have the advantage that they can be scrappy. If you're using tools for defending an enterprise, there are typically a bunch of hoops that those tools need to jump through before they're usable in that environment. They need to have SOC 2/ISO 27001 compliance audits, implement enterprise SSO, work at scale, do marketing, etc. Attackers can just use the scrappiest, fastest, cheapest setup possible, often with great results. So while enterprise companies can buy a $1M/year super duper AI-powered Defender 9000++, it uses the same underlying LLM that the attackers will be using to bypass it, so the enterprise security teams don't actually gain any advantage. Their security programs just cost more now.

What Should Hackers Do?

We do what hackers have always done. Be Seiko and Swatch. Adapt to the new technology, use it. Use it in ways that other people aren't yet. Find the edge cases that aren't covered by others. Innovate. Find new ways to uncover bugs. Find new bug classes entirely.

The hackers who truly win the next 5 years will be the ones that treat AI how the bug bounty automation pioneers treated their automation setups. Shubs -> Assetnote, Rishiraj Sharma and Sandeep Singh -> ProjectDiscovery, Frans Rosen -> Detectify, Roni Carta -> Lupin and Holmes. These are all examples of bug bounty hunters that expanded their bug hunting automation into startups. There will be another wave of this with offensive AI.

So, Are Bug Bounties Cooked?

No.

The bug bounty model still stands strong, even if the models get 10x more intelligent, because the bug bounty platforms (and their customers) will continue to get value from a variety of different tooling setups and intelligences testing their systems. AI will never wipe out the need for offensive security, because AI doesn't give defenders an advantage over attackers. If anything, it makes attackers more sophisticated, with more scale.

I miss how hacking used to be, in a nostalgic sense; I feel warm and fuzzy when I reflect on how hacking made me feel 10 years ago. Something just doesn't feel as warm now. Hacking feels more corporate and cold. But I am also excited for the future. As hackers we're still figuring out what we bring to the table in a world where AI exists, but one thing is for sure: hackers will continue to be valuable, just like watchmakers.

And yes, this blog is more valuable because it was written by a human. I write a lot of blogs for cybersecurity companies through my cybersecurity marketing business, and it's clear that people perceive hand-crafted content to be more valuable than AI generated content. Just like how mechanical watches are more expensive than quartz. Just like how human hackers will still be valuable in a world with AI.