Program Strength is basically a way to determine the complexity of a program based on a internal questionnaire that FindBug asks companies that want to join our platform. This questionnaire will determine which the best way to pay security researchers that want to report to your program. But also security researchers will be able to know how much complex is a specific program.
Among our research we drafted a evaluation questionnaire that is based on main criterias(business value, technology used,
uptime, testing envr, tranctions, number of domains), And we recommend you the price-per-bug that will attract more security researchers to work for you. Notice: Facebook
cannot pay the same price per bug ex. 1000E for critical ones when it’s Company value data are worth of billion dollar. The ethical hackers should find the
benefits of reporting security issues.Remember they are good on finding security vulnerabilities and not selling data.