Top 4th of July Sales Best 4K Projectors 7 Early Prime Day Deals Wi-Fi Range Extenders My Favorite Summer Gadgets Cheap Car Insurance Target's 4th of July Sale Best Running Earbuds, Headphones

Meta updates bug bounty program to better cover VR and AR products

Facebook's parent company will pay big bucks for spotting security bugs in products like Meta Quest 2, Meta Portal and Ray-Ban Stories.

Facebook Ray-Ban Stories 2021
Meta's new smart shades are part of its bug-bounty program, too.
Josh Goldman/CNET

Meta said Friday that it's updating its bug bounty program to better cover its new virtual reality and augmented reality products.

The devices are made by the company's Reality Labs division and include products like the Meta Quest 2 VR headset, Meta Portal smart speaker and Ray-Ban Stories smart sunglasses.

Meta, formerly known as Facebook, said in its Friday blog post that the idea is to give security researchers a better idea of what kinds of bugs will reap them the biggest rewards and to get more of them to focus on its products.

Meta said the amount paid will hinge on the potential security impact of the bug in question. For example, finding a bug that could allow someone to fully and consistently bypass a device's security could be worth as much as $30,000.

But the discovery of a less dangerous bug, like one that could give unauthorized access to a Portal's camera or microphone, might be worth $5,000. 

Bug bounty programs are a growing trend in cybersecurity, with some companies offering millions in rewards. Independent security researchers search for bugs and flaws that attackers could use, and get paid to inform the company rather than use the flaws for malicious purposes.

Meta boasts one of the longest-running bug bounty programs in the tech industry. Started in 2011, the program has paid out bounties to more than 1,500 researchers from 107 countries. Last year, the company paid bounties totaling $2 million.