Indians remain the biggest beneficiaries in Facebook’s
Bug Bounty program, the company’s initiative to allow security
researchers to find flaws on its platform. Joey Tyson, a security
engineer at the company, wrote in a post that Indians lead the world
when it comes to raking in the moolah, taking the biggest chunk of the
$611,741 (roughly Rs 4.08 crores) distributed to 149 researchers via the
program between January and June 2016.
USA and Mexico took the next two spots in the list of countries whose
developers get the most money for finding bugs on Facebook. The company
has distributed over $5 million among more than 900 researchers under
the program in the five years since its inception.
India has been a dominant force in the Facebook bug bounty program
over the past few years. Cyber-security researchers and developers from
India had been awarded roughly Rs 4.8 crores since the program was
started, according to data the company released in March this year. Facebook did not reveal the breakup of the bounty distribution for the first half of 2016.
Facebook’s Bug Bounty program lets white hat hackers report
vulnerabilities in Facebook and its acquired companies and products,
such as Instagram, Free Basics, Oculus, and Onavo. With the help of the
Bug Bounty program, security researchers were able to report over 9,000
bugs on Facebook platforms in the first half of the year.
This year, Facebook added WhatsApp to the program, expanded payment
options to include Bitcoin, and switched to an automated payment process
so researchers can be paid faster, Tyson said in the post. Additionally, the award notifications now include information on how the specific bounty was determined.
More changes are coming to the initiative, as Facebook plans to share
more educational resources on security fundamentals and topics specific
to our products.