Sign In

Communications of the ACM

ACM Careers

A Look at the Facebook Bug Bounty Program in 2018

bug bounty, illustration

2018 has been a big year for Facebook's bug bounty program. The company recently awarded its highest bounty payout ever; expanded the program to include a new data abuse bounty and an industry-first bounty for third-party apps and websites; and increased the average payout for bugs that could lead to account takeover to $40,000.

Facebook awarded over $1.1M to researchers from more than 100 countries, bringing the company's payout total to date to over $7.5M. Highlights from the Facebook Bug Bounty program in 2018 include:

  • Around 17,800 reports received;
  • Bounty issued for over 700 reports;
  • The average award amount trended around $1,500;
  • The top three countries based on the sum of payouts were India, U.S.A., and Croatia.

From Facebook Bug Bounty
View Full Article


No entries found