Facebook offers bug hunter bounties

The typical reward for finding a Facebook flaw will be $500, Zuckerburg's firm says.

Facebook

Facebook has launched a security bug bounty programme to reward researchers for making the social network a safer place.

Various Web 2.0 giants offer similar rewards for flaw finders, with Google handing out many monetary prizes for disclosure of bug information.

"This is another way that we would like to show our appreciation to the security researchers who help us keep Facebook safe and secure for everyone," Facebook said.

Facebook has created a new whitehat portal where it outlines the company's responsible disclosure policy.

"If you give us a reasonable time to respond to your report before making any information public and make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our service during your research, we will not bring any lawsuit against you or ask law enforcement to investigate you," the social network said.

Facebook said a typical bounty would be $500 (304), but for certain bugs the reward would be higher. Only one bounty will be awarded per bug.

Bugs in third-party applications do not apply as Mark Zuckerburg's firm only wants to be notified of vulnerabilities which "could compromise the integrity or privacy of Facebook user data."

In particular, Facebook called for info on cross-site scripting flaws and remote code injection vulnerabilities.

Last month, pharmaceutical giant Pfizer had its Facebook page hacked, with hacktivist group The Script Kiddies claiming responsibility.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Iranian hacking group continues to target US citizens
hacking

Iranian hacking group continues to target US citizens

18 Oct 2021
Facebook claims AI managed to reduce hate speech by 50%
social media

Facebook claims AI managed to reduce hate speech by 50%

18 Oct 2021
Facebook to hire 10,000 workers across the EU
social media

Facebook to hire 10,000 workers across the EU

18 Oct 2021
Ennoconn and Google Cloud enter a strategic alliance
Cloud

Ennoconn and Google Cloud enter a strategic alliance

14 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
What is cyber warfare?
Security

What is cyber warfare?

15 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021