In a post titled “Security Bug Bounty”, Facebook said: “To show our appreciation for our security researchers, we offer a monetary bounty for certain qualifying security bugs.”
To be eligible for the $500 bounty, the person must be the first individual to report a bug which “could compromise the integrity or privacy of Facebook user data”.
Facebook gives examples of these bugs as a. Cross-Site Scripting (XSS), b. Cross-Site Request Forgery (CSRF/XSRF), c. Remote Code Injection, etc.
People who want to get the bounty must also allow Facebook to investigate the bug before making it known to the public.
Facebook also says that for a person to qualify, s/he must “Reside in a country not under any current U.S. Sanctions (e.g., North Korea, Libya, Cuba, etc.)”
The Facebook bounty is not fixed, however, as the world’s largest social network describes it as: “A typical bounty is $500 USD” with the possibility of an increase probably judged by criticality of the bug.
You can read more from Facebook’s post here.
Source
Hello Contact me on www.newtechie.com or mail me at newtechie.com@gmail.com
ReplyDelete