Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319

Blog

Facebook paid out millions in bug bounties this year

Image Description

Facebook has operated a bug bounty program in which external security researchers help improve the security and privacy of the social network's products and systems since 2011 and so far this year, the company has paid out over $1.98m to researchers from more than 50 countries.

Since its inception, more than 50,000 researchers have joined the program and around 1,500 researchers from 107 countries have been awarded a bounty. However, many of the researchers have since joined Facebook's security and engineering teams to continue protecting the company's platform.

While the bug bounty program initially covered just Facebook's web page, in the years since the program has grown to cover all of its web and mobile clients across Instagram, WhatsApp, Oculus, Workplace and more.

The social media giant recently launched its own Bug Description Language tool that allows researchers to quickly build a test environment to show how a bug can be reproduced. Facebook also launched its own rewards program called Hacker Plus to add bonuses, badges, exclusive invites to bug bounty events and early access to its upcoming products and features.

Facebook bug bounty

In this year alone, Facebook has received around 17,000 reports from security researchers and issued bounties on over 1,000 of these reports. Earlier this year, the company received two notable reports with one coming from a researcher who recently joined its bug bounty program and another from one of the researchers at Google's Project Zero security team.

The first report covered a low impact Content Delivery Network (CDN) bug where a subset of the company's CDN URLs could have been accessible after they were set to expire. However, after patching the bug, Facebook's internal researchers discovered a rare scenario where a sophisticated hacker could have escalated to remote code execution. The company then rewarded the researcher its highest bounty yet at $80,000 based on the maximum possible impact of their report.

The second report came from Project Zero's Natalie Silvanovich who discovered a bug that could have allowed a sophisticated attacker logged in on Messenger for Android to simultaneously initiate a call and send an unintended message type to another logged in user on Messenger's Android client as well as to another Messenger client such as a web browser. After fixing the issue, the researcher was rewarded Facebook's third highest bug bounty at $60,000.

As Facebook's bug bounty program approaches its 10 year anniversary, the company remains committed to rewarding security researchers who help the company further secure its products and systems.

Date

20 Nov 2020

Sources


Share


Other Blog

  • Samsung Galaxy Book Pro release date, news and rumors

    The Samsung Galaxy Book Pro series is on the way with two confirmed versions. Here’s a rundown of the specs, rumors and what we expect to see.

    Read More
  • HP's massive fall sale offers big savings on desktop and laptop deals this weekend

    Save big with HP's latest desktop and laptop deals, all offering excellent price cuts this weekend.

    Read More
  • Rackspace takes on ML web browser capabilities with Brave partnership

    Rackspace Technology teams up with Brave Software to improve web browser Machine Learning functionalities.

    Read More
  • Get $300 off the Dell XPS 13 with this limited-time Black Friday laptop deal

    No need to wait until next week: one of the best Black Friday laptop deals is available to buy right now. A brand new offer on the Dell XPS 13 has just launched as part of the manufacturer's Black Friday sneak peek sale. 

    In it, you can get a Dell XPS 13 for $649.99 - that's a saving of $300 off the usual price and gets you a high-performance laptop with a slick 13.3-inch InfinityEdge display, Intel i5 processor, 8GB RAM and a 256 SSD. With that spec, it's best-suited as a more portable device for demanding work and multitasking with ease.

    The exact same machine is also available in the Dell preview sale in the UK, though you won't find the reduction as significant as it is in the US. If you want to get it ahead of the Black Friday rush then the option is there, but patience could be rewarded with a bigger price cut once the sales start proper from next week.

    Dell XPS 13 Black Friday laptop deals

    Dell XPS 13 laptop: $949.99 $649.99 at Dell
    Save $300
    – This Dell XPS 13 Black Friday deal is a great price for a device that's regularly featured in our list of the best laptops you can buy. It's a versatile machine with a 13.3-inch Full HD InfinityEdge display, Intel i5 processor, 8GB RAM and a 256 SSD. Basically, it's everything you could want from a high-performance compact laptop for work, school or just general use - and this is the cheapest we've seen an XPS 13 all year. 

    Dell XPS 13: £849 at Dell
    Folks in the UK will also find the XPS 13 featured in the Dell early Black Friday sneak peek sale. It has the exact same specification – an Intel i5 processor, 8GB RAM and 256GB SSD – so exactly what you need when it comes to getting good performance from an everyday device. It's certainly more expensive than other devices with a similar spec, but the slim design, stylish 13.3-inch InfinityEdge display and long battery life make this a premium ultrabook.

    Why should snap up this limited-time offer while you can? Well, the XPS 13 has featured high in our list of best laptops for many years in a row. What's impressed our reviewers most is its elegant design, impressive performance and excellent battery life.

    As far as this year's Black Friday deals go, this is one of the very best we've seen so far. Definitely do not pass up on this opportunity to buy early if you'd had your eye on a slim high-performance laptop, or the XPS 13 in particular. For a smaller budget do check out our guide to all this week's cheap laptop deals, or for more ideas you can peruse the full list of Dell Black Friday deals that are available today.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us