 |
| Facebook's new Hacker Plus loyalty program |
Facebook has announced a new loyalty program for white-hat hackers, alongside a new description language designed to standardize the process for reporting bugs.
The social networking giant first launched its bug bounty program way back in 2011, and in the intervening years it has paid out nearly $10 million in rewards to security researchers who find glitches in the company’s software. To incentivize more engagement from the “ethical hacker” community, Facebook is introducing Hacker Plus, a program that offers performance-based rewards including bonuses, all-expenses paid event invitations, and early access to stress-test new products and features.
Hacker Plus adopts a league-based setup with five divisions, starting from the entry-level Bronze league all the way up to the top Diamond league. For example, someone in the Bronze league can receive 5% on top of each bounty award, while someone in the Diamond league can receive 20% and paid trips to live hacking events.
 |
| Above: Hacker Plus program setup |
While there is no way to opt out of the program, the individual league positions are private to each researcher unless they choose to share it publicly on their Hacker Plus profile. It’s easy to see how this could become addictive, given that it essentially gamifies bug-hunting and encourages researchers to pit their wits against their peers, and earn new profile badges when they advance to a higher league.
FBDL
In addition to the new loyalty program, the company is also launching the Facebook Bug Description Language (FBDL) out of beta today, after initially rolling out for a handful of researchers as part of an alpha program earlier this year.
FBDL is a new tool designed to help researchers from all backgrounds and languages easily set up bug reproduction steps using a standard description language, making it easier to submit reports through a universal language that demonstrates their findings and potential impact.