Facebook has recently announced some new features for the bug bounty program – which includes payout guidelines and security education resources. The payout guidelines contain insight into the process used by the businesses to determine rewards for specific vulnerability categories.
According to Facebook, “Our goal is to provide a launchpad for new researchers beginning to hunt on the Facebook program and explain the specific aspects of this program that make it different from other bug bounty programs.”
The initial release of knowledge articles aims to share advice on how to draft reports, avoiding common false positives. Besides, it also guides on how to test environments and set up accounts.
Source: SecurityWeek