Source: Financial Times
As AI tools democratize vulnerability hunting, platforms like HackerOne and Bugcrowd are deploying counter-AI systems to filter junk submissions while implementing stricter vetting. This creates friction for legitimate security researchers. Companies can now afford to be pickier about who participates, potentially narrowing the diversity of researchers who find actual exploits and creating moats around traditional security talent networks. Bug bounties were supposed to open up vulnerability discovery; instead, they're calcifying into gated communities.