2nd Year CSE (Grad 2028) – Is Focusing on Bug Bounty Worth It Long-Term?
I’m a 2nd year CSE student from India (graduating in 2028) and currently focusing on cybersecurity. I’ve been learning web security through PortSwigger Academy and have already completed topics like access control, authentication, and web cache deception.
I’m comfortable with basics of Linux, networking, and tools like Burp Suite, and I’m planning to continue deeper into web vulnerabilities.
My main question is:
- Is it worth investing significant time into bug bounty at this stage?
- Or would it be better to focus on a more structured path like penetration testing or cloud security for long-term career stability?
With AI evolving quickly, I’m also unsure how valuable bug bounty skills will be by the time I graduate in 2028.
I’d really appreciate guidance on what path would be the smartest to focus on right now.
u/Due_Committee5549 — 10 hours ago