The California-headquartered firm said it received a total of 14,763 submissions in 2013, of which 687 bugs were found to be valid and eligible to receive rewards.
A bug is an error or defect in a software or hardware that causes a programme to malfunction. It often occurs due to conflicts in software when applications try to run in tandem.
The social networking platform, which has over 1.2 billion users globally, paid $1.5 million last year to security researchers who report bugs on its website.
“India contributed the largest number of valid bugs at 136, with an average reward of $1,353. The US reported 92 issues and averaged $2,272 in rewards,” Facebook said in a post.
Brazil and the UK were third and fourth by volume, with 53 bugs and 40 bugs and average rewards of $3,792 and $2,950, respectively, it added.
Researchers in Russia earned the highest amount per report in 2013, receiving an average of $3,961 for 38 bugs, Facebook said.
It said: “We’ve paid over $2 million since we got started in 2011, and in 2013 we paid out $1.5 million to 330 researchers across the globe.”
The average reward in 2013 was $2,204, and most bugs were discovered in non-core properties, such as websites operated by companies the firm had acquired, it added.
“2014 is looking good so far. The volume of high-severity issues is down, and we’re hearing from researchers that it’s tougher to find good bugs,” Facebook said.
The social networking site said it will encourage best research in the most valuable areas and will continue to increase its reward amounts for high priority issues.