The idea of the bug bounty program is to allow firms who may not be able to afford to stand up a full time cybersecurity team or those who are having trouble recruiting and retaining cybersecurity teams to temporarily have freelance ethical hackers perform penetration testing on their systems. This allows these companies to discover unknown vulnerabilities.
The more experienced the hacker the more they expect to be paid. Less experienced hackers are often willing to take on jobs for less money and to gain experience and make a name for themselves. Overall, the concept of the program benefits the hackers because they get paid, and the companies who hire them because they get inside knowledge about possible issues and vulnerabilities that exist on their networks. Although some companies in certain industries may get fewer reports than others in other industries. It was also noted that the reports generated from hackers hired in these bug bounty programs become less valid over time.