Seems like you are saying that bug bounty researchers focus more on application security issues and not other types of security, which is certainly true, but [some % of] breaches occur via appsec issues and they’re what bit e-Tugra here.