- Facebook launches a program for hackers to standardized bugs reporting process
- FBDL is designed to help security researchers from all backgrounds
- Hacker Plus will offer extra bonuses and specials privileges to bug hunters
- The first-ever loyalty program for a tech company’s bug bounty platform
Facebook runs its own bug bounty program since 2013. They offer cash rewards for finding bugs in their services. Facebook is enhancing the program by launching Hacker Plus. This loyalty scheme is designed to spread benefits to the Bug Bounty community.
The Facebook Bug Description Language (FBDL) is created for all security researchers. The FBDL is available for participants as part of an alpha program. FBDL is designed to help researchers from all backgrounds and languages. It allows easy communication and sets up bug reproduction steps using a standard description language.
How is Hacker Plus and FBDL helpful to the bug community?
Facebook is offering multiplier bonuses on top of its standard bounty award payouts. There are also VIP perks for annual hacker events including paid travel and accommodation. Participants can also take part in bounties for unreleased products and features. There is a customized swag, and ‘ultimate bragging rights’ including badges for the researcher profile.
FBDL is meant to streamline the bug submission process by helping researchers build a test environment. FBDL helps make bounty reports submission easy. They do so by providing universal language to demonstrate potential impact.
Hacker Plus adopts a league-based setup with five divisions. It begins with the Bronze league and ends with the Diamond League. Users with the Bronze league can receive 5%, while a researcher in the Diamond league can get 20% bounty tips.
How has the Bug community impacted the society?
The bug bounty market has risen steadily over the past decade, with companies offering a reward structure for uncovering vulnerabilities. Google, Microsoft, and more tech companies are offering rewards.
This includes their “signal-to-noise” ratio. This also includes a number of valid vulnerabilities versus submissions that are duplicate bugs.
Multiplies bonuses on top of standard bounty award payouts.VIP perks to annual hacker events. Expanded access to private bounties for unreleased products and features.swag customized based on the league. Ultimate bragging rights as one reach the top and earn badges for the researcher profile.