Industry Investment Rating - The report does not explicitly provide an industry investment rating [1][2][3] Core Viewpoints - The number of vulnerabilities discovered and reported by white-hat hackers in China has increased significantly, with an average of 93 vulnerabilities submitted per person in 2024, the highest in history [2][3] - The average annual income from bug bounty programs for white-hat hackers in China reached 47,262.3 RMB in 2024, a 36.3% increase from 2023 [2][3] - The proportion of white-hat hackers with professional certifications has risen to 58.2%, indicating a growing emphasis on skill validation [2][3] - The majority of white-hat hackers are young, with 67.7% being born after 2000 and 27.6% being born in the 1990s [2][3] - White-hat hackers are highly self-motivated, with 5.1% spending over 50 hours per week learning and improving their skills [2][3] White-Hat Talent Capability Analysis - In 2024, 61.1% of white-hat hackers submitted more than 10 vulnerabilities, and 10.0% submitted over 300 vulnerabilities [3] - The average weekly self-study time for white-hat hackers is 13.4 hours, with 5.1% spending over 50 hours per week [3] - 58.2% of white-hat hackers hold professional certifications, with NISP being the most common [3][15] - The average age of entry into the white-hat community is 21.7 years, with 61.3% joining during their university years [22][23] White-Hat Talent Lifestyle Profile - Male white-hat hackers dominate the industry, accounting for 92.7% of the total, while females make up 7.3% [20] - The most popular hobbies among white-hat hackers are gaming (56.6%), watching short videos (49.7%), and fitness (48.5%) [25] - 74.5% of white-hat hackers are introverted (I-type), and 60.0% prefer structured and organized environments (J-type) [26] White-Hat Talent Career Profile - Students make up the largest group of white-hat hackers at 39.4%, followed by employees of security companies at 25.4% [28] - Penetration testing engineers account for 54.4% of white-hat hackers, making it the most common role [29] - Personal interest is the primary motivation for 61.7% of white-hat hackers to enter the field [31] - Third-party vulnerability response platforms are the preferred choice for submitting vulnerabilities, with 32.7% of white-hat hackers using them [32] Social Recognition of White-Hat Talent - 64.8% of white-hat hackers find their work "very cool" or "somewhat cool," though this percentage has been declining in recent years [36] - 46.9% of white-hat hackers receive support from family and friends, while 4.1% face strong opposition [36][38] - 10.3% of white-hat hackers believe their profession helps attract romantic partners, while 10.8% feel it negatively impacts their dating life [39][40] Social Interaction of White-Hat Talent - The average social circle of a white-hat hacker consists of 21.5 other white-hat hackers, with 41.8% having 3-10 friends and 14.0% having over 50 friends [42][43] - 83.8% of white-hat hackers have participated in offline gatherings or events, indicating a strong sense of community [45] - 45.6% of white-hat hackers are willing to attend large cybersecurity conferences, with 29.6% even paying out of pocket to attend [47] White-Hat Talent and Bug Bounty Programs - As of August 2024, the Butian platform has registered 135,733 white-hat hackers and received 1,924,239 vulnerability submissions [49] - The top three white-hat hackers on the Butian platform in the first half of 2024 were "达达带我挖漏洞," "fireahck," and "陆讯" [50] - The most prolific white-hat hacker submitted an average of 266 vulnerabilities per day [50]
2024中国白帽人才能力与发展状况调研报告
2024-10-22 02:30