Security Experts:

Connect with us

Hi, what are you looking for?



Facebook, Google Announce 2020 Asia-Pacific Bug Hunting Conference

Facebook and Google this week announced that they will partner again next year for the second edition of BountyCon, their Asia-Pacific bug hunting conference. 

Facebook and Google this week announced that they will partner again next year for the second edition of BountyCon, their Asia-Pacific bug hunting conference. 

The first BountyCon was hosted in March this year. The two-day event included talks from top bounty hunters and a live hacking event that resulted in $120,000 being awarded in bounty payouts, for 40 valid bug submissions.

Held in Singapore on April 4-5, 2020, the second edition of the conference is mainly targeting security researchers in the APAC region, but will welcome researchers from all around the world. 

The conference will include presentations from both Facebook and Android security teams, with practical tips for individuals looking to find and report high-quality vulnerabilities. Top researchers in the security community will also participate, Facebook says

The conference, the social platform announced, will close with a live hacking event on Facebook and Google Play apps.

The Internet giant also announced the launch of a Capture the Flag competition (CTF) that will run through January 26, 2020. Challenges in the CTF will target various skills from web application security to reverse engineering. 

Security researchers interested in participating should head to this page to access the challenges and submit flags. The social platform also says that more challenges will be added through the competition, so researchers should keep an eye on the list. The official rules of the competition are available here

Researchers who win a large number of CTFs will have higher scores and Facebook says it will invite some of the highest scoring researchers to BountyCon, and that it will also cover airfare and accommodation in Singapore. 

“While this conference is mainly built for researchers from the Asia-Pacific region, we welcome everyone to compete for a few spots that we have reserved for the top worldwide participants,” Facebook says. 

Singapore is the home city for SecurityWeek’s 2020 Singapore ICS Cyber Security Conference, an event dedicated to serving critical infrastructure and industrial internet stakeholders in the APAC region.

Related: Facebook Pays $120,000 in Bounties at BountyCon

Related: NordVPN Launches Bug Bounty Program

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.


Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.


Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.