Facebook's Whitehat bug bounty program receives 1000's of security bug reports annually, covering a wide range of issues and products. Come listen to some of the interesting bugs Facebook's Whitehat program team handled over the past year, and some pro-tips when looking for bugs outside of "facebook.com".
Jack Whitton is a Security Engineer, based at Facebook's London HQ. Jack focuses primarily on the Whitehat program, which involves interacting with the security community who find vulnerabilities in Facebook-family products, in addition to working with internal teams to ensure code is shipped securely. Prior to joining Facebook in 2016, he was one of the top researchers in the Whitehat program.
This talk was presented at the OWASP London Chapter Meeting on the 6th September 2018 at Facebook London HQ