Facebook doubles reward for bug reports in advertising code
Facebook is doubling the rewards it will pay for security vulnerabilities related to code that runs its advertising system, the company said Wednesday.
A comprehensive security audit of its ads code was recently completed, but Facebook “would like to encourage additional scrutiny from whitehats to see what we may have missed,” wrote Collin Greene, a security engineer, in a blog post. “Whitehats” refers to ethical security researchers, as opposed to “blackhats” who take advantage of vulnerabilities.
According to bug bounty program guidelines, Facebook pays a minimum of US$500 for a valid bug report. Until the end of the year, that has been increased to $1,000.