BUG BOUNTY PAYS OFF FOR SECURITY EXPERTS AND FACEBOOK

August 30, 2011

Facebook adopted its bug bounty program last month and has already paid out $40,000 in rewards. The program was launched to bring to light the security flaws present in its social networking site. On Monday, Facebook announced that within a span of three weeks it had shelled out $40,000 to those whose reports helped the social networking giant identify bugs. One bug spotter came up with six different issues and pocketed more than $7000 in all for reporting them, while one of the experts picked up $5000 for a single report.

Joe Sullivan, Facebook’s chief security officer, blogged that the bug bounty program was successful. He was happy that independent security talent around the world had come forward to help Facebook detect bugs. He wrote that the response to the program would help make Facebook much more secure, as it had surfaced small and large issues that helped the Facebook team recognize novel attack vectors. It would also help them improve their code.

Sullivan also clarified the program terms: a few stories were making the rounds that the maximum payout for a bug notification would be $500, but $500 was in fact the minimum Facebook would pay. However, while they did pay out $5000 for a single report, they also had to deal with quite a few bogus reports from people who were looking for publicity and nothing else.

The independent security experts also made a request, asking Facebook to extend its security to third-party programs and applications. In response, Sullivan said that such a move is impractical, as there are not just one or two of these but hundreds of thousands of independent Internet services. He went on to say that they still care deeply about security on the platform. Were this request accepted, one can imagine the social networking giant going bankrupt in no time while trying to run a bug-spotting scheme for these third-party applications and programs.

The blog post also had him noting that Facebook has a dedicated Platform Operations team working to scrutinize these third-party partners and their privacy practices, and that security is frequently audited as well. Additionally, they have come up with many backend tools that help automatically detect and disable malicious and spammy applications.

It looks like Facebook has been spot on in tapping the skills of the security research community, which is helping make its social networking site much more secure than it was earlier. Sullivan noted that the independent experts had made valuable contributions. He concluded by writing that the social networking giant truly has the world’s best neighborhood watch program. This program was yet more proof of that.

As for the count, there was no disclosure of how many bugs were reported in all. But the interest shown by contributors from all over the world in helping Facebook be much more secure is a great achievement for the social networking giant too.