Facebook Bug Bounty: Earn $500 for Every Facebook Bug Report
Facebook is offering a $500 reward for reporting bugs on its site. A $500 bug bounty is small compared with Microsoft, Google and Mozilla, which offer around $3000. But money is not the only thing one gains. Reporting Facebook bugs can help a security researcher or software tester make a name in the software security world, with the potential to earn much more than just the bounty.
As HD Moore, the Chief Security Officer at Rapid7 said:
The dollar amounts may be smaller than other markets for security research, but bounty programs lead to a better relationship with the security community and improve the security of the service much faster than a similar resource spend in a traditional security audit.
How to Participate in Facebook Bug Bounty Program:
Facebook launched a new Whitehat Hacking Portal where one can register for the bug bounty program and report bugs. Facebook has also published an acknowledgement list of 42 researchers who have made 'responsible disclosures' in the past, along with the current announcement:
To show our appreciation for our security researchers, we offer a monetary bounty for certain qualifying security bugs.
The Facebook Bug Bounty program is for security-related bugs and cross-site scripting flaws. To qualify for the bounty:
- You must be the first to report the security glitch.
- The bug must be native to Facebook (not in a third-party application, e.g. Farmville).
- Disclosures must be "responsible": you need to give Facebook a reasonable amount of time before reporting the bug publicly.
Bug Bounty Programs vs In-house Software Security Testing
Facebook, like Microsoft and Google, has been known to hire grey hat hackers in the past. Most recently Facebook has hired George "Geohot" Hotz, the infamous hacker linked with Sony PlayStation 3 hacking.
However, an open, public bug bounty program is not a new concept in the software world. It not only helps companies offering Software as a Service (SaaS) make their products secure and solid, but has also proved to be far cheaper than establishing a broad IT infrastructure and hiring an in-house team of security specialist software testers.
Reviewed by Adnan Malik on 8:25 PM