Save on Streaming Android 13 Best iPad Best Samsung Phone Best Password Manager Sony Headphones Deal Gym Membership Savings MLB 2022
Want CNET to notify you of price drops and the latest stories?
No, thank you
Accept

Meta updates bug bounty program to better cover VR and AR products

Facebook's parent company will pay big bucks for spotting security bugs in products like Meta Quest 2, Meta Portal and Ray-Ban Stories.

Facebook Ray-Ban Stories 2021
Meta's new smart shades are part of its bug-bounty program, too.
Josh Goldman/CNET

Meta said Friday that it's updating its bug bounty program to better cover its new virtual reality and augmented reality products.

The devices are made by the company's Reality Labs division and include products like the Meta Quest 2 VR headset, Meta Portal smart speaker and Ray-Ban Stories smart sunglasses.

Meta, formerly known as Facebook, said in its Friday blog post that the idea is to give security researchers a better idea of what kinds of bugs will reap them the biggest rewards and to get more of them to focus on its products.

Meta said the amount paid will hinge on the potential security impact of the bug in question. For example, finding a bug that could allow someone to fully and consistently bypass a device's security could be worth as much as $30,000.

But the discovery of a less dangerous bug, like one that could give unauthorized access to a Portal's camera or microphone, might be worth $5,000. 

Bug bounty programs are a growing trend in cybersecurity, with some companies offering millions in rewards. Independent security researchers search for bugs and flaws that attackers could use, and get paid to inform the company rather than use the flaws for malicious purposes.

Meta boasts one of the longest-running bug bounty programs in the tech industry. Started in 2011, the program has paid out bounties to more than 1,500 researchers from 107 countries. Last year, the company paid bounties totaling $2 million.