I dont think bounties make you an "expert". If you want to be deemed an expert, write blogs detailing how the exploit works. You can do that without a bounty.

In many ways one of the biggest benefits of bug bounties is having a dedicated place where you can submit reports and you know the person on the other end wants them and isn't going to threaten to sue you.

For the most part, the money in a bug bounty isn't work the effort needed to actually find stuff. The exception seens to be when you find some basic bug, that you can automate scan half the internet and submit to 100 different bug bounties.

> I dont think bounties make you an "expert".

It depends to who.

> If you want to be deemed an expert, write blogs detailing how the exploit works.

That's necessary if you sell your services to people likely to enjoy HN.