Facebook's 2017 Bug Bounty programme paid out US$ 880,000 (£638,000) to more than 100 researchers and will update its Thanks page in 2018 to reflect dollar amount and submission validity, among other items, as well “invest more resources into getting more timely responses and payments to researchers,” according to an update from Jack Whitton, a security engineer on Facebook's product security team.
The 2017 number brings the total payout for the six-year programme to US$ 6.3 million (£4.5 million).
Facebook received upwards of 12,000 submissions last year with most of the more than 400 valid submissions coming from researchers in India, the US and Trinidad & Tobago.
The average award per submission bumped up to US$1,900 (£1,376), from US$1,675 (£1,213) in 2016. And the cadre of researchers submitting grew with 32 percent participating for the first time.