Episode 13: How to Find a Good BBP + Acropalypse + ZDI
Critical Thinking - Bug Bounty Podcast
00:00
The Average Bounty Range of a Software Company
Of their 400k you can be almost certain that 80% of those are literally just like Bottom of the barrel type low hanging fruit like lows and that's why that average bounty is 150 to 250 dollars. It's not critical things, but they are valid reports If you look at their top bounty range, that's probably what when I would start to be like, okay How likely is it that they're gonna pay something really bad? And if so, what are they paying for it, right? So that'll typically show like the very top end of the bounties that they paid if they've ever paid a full max crit Which they have right there bounty Their top bounty range is 2000 to
Transcript
Play full episode
