IT security research communities have been around for decades, sharing their findings with community members and the vendors of the affected product with the aim of accelerating some type of corrective action to safeguard users. As appreciation for the value of this service continued to grow, vendors began to offer bug bounty programs to provide researchers financial motivation to work with them to identify vulnerabilities.