Social network Facebook to expand capabilities of its bug bounty program
In an effort to increase the protection of its users, the American giant of social networks, Facebook will increase its bug bounty program.
Indeed, Facebook will now be able to reward up to 500 dollars for all computer security specialists or researchers who can detect any vulnerability on its platform. Researchers will also be required to conduct several audits on a regular basis.
This article will also interest you: When the disclosure of security vulnerabilities remains a thorny issue
We've seen for some time that Facebook is betting a lot on these programs its Bounty bugs. Since April last year, the U.S. company has pledged compensation to anyone who finds flaws on its website. And it was in this context that Facebook's chief security officer Collin Greene announced that "financial rewards will be given to people who detect vulnerabilities. ».
But from now on, the social network no longer intends to observe so that it can wait for its bug hunters to find a flaw before Pirates. It will be engaged in on-demand testing to test its entire system and security models. and for this reason, the social network intends to set up a team of researchers from such as Google's Project Zero. The director of the security department of the world's most used social network will explain in a publication that is very ravishing: "We are expanding the to reward reports that mention proven vulnerabilities, in third-party applications and websites that integrate with Facebook."
When you know that the job of bug seeker is a job that is very much in vogue nowadays, Facebook will not take time to build up its army of computer bug hunters. However, to qualify, there are some rules for disclosing vulnerabilities as well as premiums that you would have to comply with first, if not Facebook from you will not be considered a collaborator in this sector.
The social network is very hopeful that this initiative will increase scope of the research and, for example, ricochet the safety of its users as a whole: " we hope to encourage the community of computer security researchers to engage a little more with us."
The average premium is €500 or €450. But it's not what you might call a reward stable because it can climb taking into account the importance of the security flaw discovered. It's example of this young man of Finnish nationality, only 10 years old, who got a $10,000 reward for uncovering a flaw important security issues. His feat had been to find a way to break into Facebook's servers, to remove comments made by users.
At the moment it is not clear when the program will start described by Facebook.
Now access an unlimited number of passwords: