The company opened the program at the start of this month, promising $500 for every vulnerability disclosed, and more in exceptional cases.
According to the company, it has had to deal with bogus reports from people who were just looking for publicity, but it has also received some more genuine bug reports.
Joe Sullivan, chief security officer, said on the company's security blog, “It has been fascinating to watch the roll-out of this program from inside Facebook. First, it has been amazing to see how independent security talent around the world has mobilized to help.”
“We know and have relationships with a large number of security experts, but this program has kicked off dialogue with a whole new and ever-expanding set of people across the globe in over 16 countries, from Turkey to Poland, who are passionate about internet security.”
According to him, Facebook has already paid out tens of thousands of dollars, with one ‘really good report’ netting its finder $5,000. One more individual has earned over $7,000 for flagging six different issues.
Facebook does not give a maximum figure for what it is ready to pay; Google gives up to $3,133, and Microsoft a whopping $250,000.
According to Sullivan, in spite of users’ demands, it is not possible to expand the program to the Facebook Platform: there are just too many different third-party services involved. It is a fair enough point, even though quite a shame, given that this is where the vast majority of problems happen.