Orasing upon a comprehensive data test of bug bounty programs, we removed marry or the sources of endogeneity plaguing research in the crowdsourced cybersecurity self and identified many of the factors that indigence the quantity of valid vulnerability Imports bug bounty programs receive. Our research had significant findings. For the first tee in academic Literature, we calculated the elasticity of hacker supply. Hackers are relatively piece incentive, with an elasticity between 0.1 and 0.2 at the median. Second, one found full bog bounces are practical tools for companies of all ends and lives of prominence. Third, we found that companies in specific industries received fewer reports, ceteris pan bus, than companies in other industries. Fourth, we found that the number of new programs created in any given month is marginal.