At the beginning of this year, Bugcrowd released its "Defensive Vulnerability Pricing Model" that sets market rates for security vulnerabilities by criticality, providing guidance on budgeting for crowdsourced security programs and attracting top talent. This model is informed by tens of thousands of vulnerability submissions and years of running public and private crowdsourced security programs, and has already started to be adopted by organizations. The goal of this model is to facilitate more payouts to crowdworkers, increasing activity and engagement, and ultimately providing more value for organizations committed to building secure products. By advocating for competitive bug payouts and encouraging companies to reward appropriately, Bugcrowd aims to increase motivation and activity amongst the crowd, as seen in the success story of Jet.com, which has aligned its rewards with the suggested rates. The model is a living document that will be reassessed quarterly to ensure it remains fair and competitive.