Facebook, the world's top social network with more than 750 million users, will be paying rewards of $500 or more for each vulnerability or bug identified by security researchers in the social network.

"To show our appreciation for our security researchers, we offer a monetary bounty for certain qualifying security bugs," Facebook said in a blog post. "This is another way that we would like to show our appreciation to the security researchers who help us keep Facebook safe and secure for everyone."

Security researchers who are the "first person to responsibly disclose" a bug that could "compromise the integrity or privacy of Facebook user data" would be eligible for the bounty.

Facebook said that it a typical bounty is $500 but it may "increase the reward for specific bugs."

However, it noted that it would only award one bounty per security bug (implying that in the event two unrelated individuals report the bugs, the first to do so will be awarded).

Covered by the bounty are bugs that could compromise the integrity or privacy of Facebook user data, such as: Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF/XSRF), and Remote Code Injection.

"Our security team will assess each bug to determine if it qualifies," Facebook said.

Not that these bugs aren't eligible for a bounty:

* Security bugs in third-party applications

* Security bugs in third-party Web sites that integrate with Facebook

* Security bugs in Facebook's corporate infrastructure

* Denial of Service Vulnerabilities

* Spam or Social Engineering techniques

Agence France-Presse notes that the Mark Zuckerberg-founded social network last month hired George Hotz, a celebrated hacker known as "GeoHot." Hotz, AFP points out, was sued by Sony for hacking the Japanese company's PlayStation 3 game console and is credited with being the first person to go public with a way to hack into an iPhone.

"If you believe you've found a security vulnerability on Facebook, we encourage you to let us know right away. We will investigate all legitimate reports and do our best to quickly fix the problem," Facebook said in the security section of the Web site.

"If you give us a reasonable time to respond to your report before making any information public and make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our service during your research, we will not bring any lawsuit against you or ask law enforcement to investigate you."

To get the $500, the security bugs must be reported at http://www.facebook.com/whitehat/bounty/