Facebook and Microsoft Offer Bug Bounty

In an attempt to lure blackhats away from their lucrative underground markets, and maybe even a few whitehats from their equally lucrative government positions, Microsoft and Facebook have teamed up to offer anyone who can poke holes in their code a prize of $5,000 per exploit.

Now, this might seem a little low considering what the yearly salary of a cushy bureaucratic position can provide, this is just the tip of the iceberg in a first-of-its-kind joint venture between the software giant and social media mogul.

“Our collective safety is only possible when public security research is allowed to flourish. Some of the most critical vulnerabilities in the internet’s history have been resolved thanks to efforts of researchers fueled entirely by curiosity and altruism,” the two companies said on the bounty program’s website.”

stack

The Internet Bug Bounty program is on the hunt for anything that might find a way around, over, under, or through scripts written in Ruby, Python, PHP, Apache, Perl, and other programming languages. To qualify, flaws must found in code that is in widespread use, of serious or critical severity, or be an unusual or novel hack that no one has thought of as yet. Once reported and verified, software providers will have 180 days to fix the problem before any announcement is made of money paid out.

“We owe these individuals an enormous debt and believe it is our duty to do everything in our power to cultivate a safe, rewarding environment for past, present, and future researchers.”

Although the lions share of the 10-person panel in charge of the decision on who to award money is populated by officials from Microsoft and Facebook, head security researcher at Google Chris Evans will also be making an appearance, alongside pentester Jesse Burns from iSec and the director of security engineering at Etsy, Zane Lackey.

To prevent your computer from becoming another research subject for one of the hundreds of malware researchers out there looking for their next big score, use a VPN to anonymize your presence online and prevent attackers from finding a way into your hard drive.

Follow this handy guide to learn how to protect your PC today!