The bug bounty doubles.
Facebook is offering up to $1,000 to white hat security researchers who can find a flaw in the codes that runs in Facebook’s advertising system.
As part of its bug bounty programme, the social media giant currently pays $500 to those who find a bug in its system, but now the company has doubled the amount to spot a single bug.
Facebook security engineer Collin Greene said: "We recently completed a comprehensive security audit of this area ourselves,"
"We found and fixed a number of security bugs but would like to encourage additional scrutiny from white-hats to see what we might have missed."
Greene highlighted that there are backend code that are not reachable via websites, and the issues that have been found in these area have relatively high impact upon Facebook’s advertising system.
Most of the reports received showed bugs in the common Facebook code, and according to the company it can be found in the user interface code of the ads rubric as well as in the developer API.
Greene added that through the programme Facebook is encouraging researchers become more familiar to the surface area of the ads and helping them to better protect business using the advertising system.
Greene added: "At this stage of our bug bounty program, it’s uncommon for us to see many of the common web security bugs like XSS."
"What we see more often are things like missing or incorrect permissions checks, insufficient rate-limiting that can lead to scraping, edge-case CSRF issues, and problems with SWFs."
