Facebook Bug Bounty

Are you an ethical hacker looking for a challenge? If so, the Facebook Bug Bounty Program might be just what you’re looking for. Launched in 2011, the program provides an opportunity to discover and responsibly disclose bugs and vulnerabilities related to Facebook’s products, potentially earning recognition and rewards while helping keep Facebook—and its users—safe.

Program Overview

Launched:

2011

Status:

Active

Platform

Self-hosted

Website

https://www.facebook.com/whitehat

Payouts

Minimum Reward

$500

Maximum Reward

$80,000

Average Payout

$1,800

Total Payouts

$14 million

Scope

Rules

To be eligible for a bounty, you can report a security bug in one or more of the following Meta technologies and programs:

  • Facebook
  • Messenger
  • Instagram
  • WhatsApp
  • Quest
  • Workplace
  • Portal
  • Internet.org / Free Basics
  • Express Wi-Fi
  • Ray-Ban Stories
  • Open-source projects by Meta

For more information, please visit https://www.facebook.com/whitehat.

Frequently Asked Questions

Does Facebook have a bug bounty program?

It certainly does! Facebook launched its bug bounty program in 2011 to reward security researchers for finding and reporting any potential vulnerabilities related to the service. This approach allows Facebook to proactively identify problems before malicious actors exploit them, ensuring the company’s services remain secure. For more information on Facebook’s Bug Bounty Program, please visit https://www.facebook.com/whitehat.

How much does Facebook pay for bug bounties?

The amount of payment awarded depends on the severity of the issue reported. Awards range from $500 up to $80,000, depending on the significance of the security vulnerability you identify. Bug bounty hunting is no small feat and can be very lucrative for those willing to do the hard work!