AbstractWe first provide background on the “nuts and bolts” of a bug bounty platform: a two-sided marketplace that connects firms and individual security researchers (“ethical”
hackers) to facilitate the discovery of software vulnerabilities. Researchers get acknowledged for valid submissions, but only the first submission of a distinct [...]