I've been working on releasing more public payout guidelines for our bug bounty program to increase transparency and show researchers the types of issues we care about. Today we released guidelines for our hardware devices please check them out =) https://t.co/3xN743kDZ1
@vivianphung RSU == cash in the form of stocks. It'll be taxed as income once it vests. Basically keep the shares if you would also purchase shares with your salary. Also Workplace has a lot of help if you're lost like I was 2 years ago :D
Recently completed my first year at Facebook. I must say it's been an incredible journey transitioning from a bug bounty hunter to a security engineer and if anyone is interested we are still hiring :)
Finally ready to share the details of scoring changes for our Whitehat program. Now your signal will play into your position in the leaderboard. More details at: https://t.co/cpVvw5tdac
@_ayoubfathi_ I wouldn't necessarily call it a discount given their earnings will be down and growth will be slower than expected. So their pricing multiple has to change. Still I'm buying JPM & CRSP for now.
Feeling motivated to start hacking again. I haven't done any bug bounty since h1-702(which was awesome). Looking for suggestions of good public programs to look at :)
@sirdarckcat I think few people enable it partly because dupes count as invalid submissions so your signal appears lower than it should. If you do make changes just ignore duplicate submissions from stats. For what it's worth I don't find much value in fake internet points :)
Check out my 2019 Year In Review on @Hacker0x01: https://t.co/4YSTvepGfW! I should really get back to hacking in Q1 now that I'm settled in my full time position.