The promise of a bug bounty program is that an ethical hacker will be rewarded with a financial award (the ‘bounty’) for responsibly disclosing a security vulnerability. What types of people actually participate in bug bounty programs and why do they do it? Those are just a few of the questions that managed bug bounty platform provider HackerOne answers in its 2018 Hacker Report.