Footnote:
Nach Informationen von SSRN wurde die ursprüngliche Fassung des Dokuments July 5, 2022 erstellt
Description:
In this paper, we first provide background on the "nuts and bolts" of a bug bounty platform a two-sided marketplace that connects firms and individual security researchers ("ethical" hackers) to find and be rewarded for discovering software vulnerabilities. We then empirically examine the effect of an exogenous external shock (Covid-19) on Bugcrowd, one of the two largest "two-sided" bug bounty platforms. The shock reduced the opportunity set for many security researchers who either lost their jobs or were placed on a leave of absence. We show that the exogenous shock led to a huge rightward (downward) shift in the supply curve and to an increase both in the number of submissions and new researchers on the platform. The results suggest that had there been a larger increase in number of firms with bug bounty programs on the platform, many more unique software vulnerabilities would have been discovered. We quantify the benefits to the platform from the exogenous shock which enables us to shed light on the benefits associated with the gig economy