Facebook has revealed that Indian security researchers are the top contributors to its bug bounty program among the 127 countries it has a presence in. Not only that, the subcontinent also ranks first when it comes to the most bounties rewarded.
Adam Ruddermann, a technical program manager for Facebook’s Bug Bounty team, says that over 205 Indians are currently participating in its program. These security experts have additionally gotten over Rs 4.84 crore since the initiative’s inception in 2011. Just this month, Anand Prakash, a young researcher working at Flipkart, had received over $15000 (approx Rs 10 lakh) for a major security flaw.
If you’re wondering how he got such a big payout, it’s essential to know that Facebook decides how much to pay a contributor based on the seriousness of the threat and not how complex or clever it is. For instance, Prakash’s discovery could have affected millions of users by hacking their login credentials and stealing sensitive personal data, but the method to do so was not overly complex.
In a blog post, Ruddermann also mentions that researchers can maximize their earnings by focusing on bugs that affect high-impact areas, especially those which can harm the maximum number of Facebook members. Secondly, they should try to submit detailed step-by-step reports which make the vulnerability easy to evaluate, verify and fix. This also ensures the bounty is sent out quickly.
Also See: Facebook awards Rs 10 lakh to Indian for uncovering massive security flaw
Facebook’s Bug Bounty program has so far rewarded over $4.3 million to more than 800 people around the globe for approximately 2400 submissions. The average amount given in 2015 stood at around $1780, with India, Egypt and Trinidad and Tobago getting the lion’s share of the bounties.