The security industry is facing a resource shortage, with companies accelerating their cloud presence and growing API ecosystems, leading to an increase in bug bounty programs. Enterprise bug bounty adoption has reached an all-time high, with payouts exceeding $6 million and average payouts increasing to $451. The highest payouts are for hardware/IoT targets, while mobile applications offer the lowest. As programs mature, organizations must consider how to adjust their payout structures to avoid stalling or losing researcher participation. Companies like Apple are learning to manage pricing vulnerabilities effectively, reducing the risk of hackers selling serious vulnerabilities to other companies. A wide scope with interesting targets is crucial for attracting talent and staying competitive in the bug bounty market.