The appsec industry has experienced a record-breaking year with numerous breaches, including the largest breach in history at Yahoo and the largest DDoS attack on record at 1.2TB using Mirai. The bug bounty model has seen significant growth, with many companies adopting it to improve their appsec programs. To support this growth, companies have focused on transparency, education, and quality, providing market rates for bugs, vulnerability rating taxonomies, and training resources to promote clear communication between hackers and companies. The industry has also seen a shift towards conventional wisdom, with the bug bounty economy maturing and stabilizing, driven by the growth of skilled hackers, high-quality results, and successful programs.