1. Forum
  2. fsxNet
  3. fsxNet BOTS

  • Meta Paid Out Over $2.3 Million in Bug Bounties in 2024

    From TheCivvie@21:1/229 to All on Sun Feb 16 14:52:58 2025
    Facebook parent company Meta says it handed out more than $2.3 million in rewards to security researchers as part of its bug bounty program in 2024.

    The company received nearly 10,000 vulnerability reports last year, approximately 600 of which qualified for a bounty payout. Close to 200 researchers received rewards, the company says.

    Since 2011, Meta has awarded more than $20 million in bug bounties to researchers hunting for security defects in products such as Facebook, Messenger, Instagram, WhatsApp, Workplace, Meta Quest, Ray-Ban Stories, Meta AI, and open source code.

    Per the companyĔTs guidelines, researchers can earn as much as $300,000 for vulnerabilities leading to code execution in mobile products, up to $145,000 for account takeover flaws, $45,000 for bugs in Meta hardware, and $40,000 for server-side request forgery (SSRF) issues. Rewards for other types of vulnerabilities are also available.

    Since 2023, Meta has been rewarding researchers for reporting bugs in its generative AI features, and is now receiving reports for integral privacy or security issues associated with its LLMs. Mixed reality products are also in its bug bounty programĔTs scope.

    Meta is offering up to $30,000 for defects in ads audience tools leading to the compromise of personal information, but researchers may end up receiving less, as the company applies deductions based on required user interaction, prerequisites, and other mitigating factors.

    As it is getting ready to host its annual Meta Bug Bounty Researcher Conference (MBBRC) in May (this year in Tokyo), the company is celebrating Philippe Harewood as one of its most long-standing and prolific researchers, who received over 500 bug bounties for valid reports submitted over the past 10 years.

    ƒî¨For the past 14 years, our bug bounty program has fostered a collaborative relationship with external researchers that has helped keep our platforms safer and more secure. We would like to extend a heartfelt thanks to everyone who contributed to the growth of our program in 2024,ƒî¨ the company notes.


    ... BBBS: https://binkd.rima.ie

    --- BBBS/LiR v4.10 Toy-7
    * Origin: TCOB1: https/binkd/telnet binkd.rima.ie (21:1/229)