Explore the evolution of bug bounty programs in this 38-minute Black Hat conference talk. Delve into the history of bug bounties, from their inception to the game-changing "Hack The Pentagon" initiative in 2016. Examine the myths and realities of competing with the offense market, and consider alternative solutions for ethical hackers. Analyze the effectiveness of modern bug bounty programs over the past decade, and discover potential future directions for hackers, organizations, and the security industry. Learn about vulnerability coordination maturity models, organizational commitment, labor laws, and big payouts. Gain insights into metrics, vulnerability handling, and the potential of cybersecurity apprenticeships in shaping the future of bug bounty programs.