Facebook Has Acquired Mobile Analytics Startup Onavo For Up To $200 Million.

Facebook has acquired a mobile analytics company, Onavo. The buyout price was up to $200 million, according to multiple reports.

Onavo is based in Tel Aviv and Palo Alto. Facebook will turn Onavo's office into its first office in Israel and thirty employees will join Facebook's team there, The Marker reports.

Onavo was founded in 2010 by Guy Rosen and Roi Tiger; it raised $13 million from Sequoia Capital and others. It provides mobile data usage analytics and helps companies see how their usage stacks up against other companies.

Here's the memo from the founders:

We are excited to announce that Facebook has agreed to acquire our company.

Three years ago, we started Onavo with the goal of helping today’s technology consumers and companies work more efficiently in a mobile world. We developed the award-winning Onavo mobile utility apps, and later launched Onavo Insights, the first mobile market intelligence service based on real engagement data. Our service helps people save money through more efficient use of data, and also helps developers, large and small, design better experiences for people. 

We’ve built world-class products and a remarkably talented team which has pioneered important breakthroughs in data compression technology and mobile analytics. Today, we’re eager to take the next step and make an even bigger impact by supporting Facebook’s mission to connect the world.

As you know, Facebook and other mobile technology leaders recently launched Internet.org, formalizing Facebook’s commitment to improving access to the internet for the next 5 billion people — this is a challenge we’re also passionate about.

We’re excited to join their team, and hope to play a critical role in reaching one of Internet.org’s most significant goals – using data more efficiently, so that more people around the world can connect and share. When the transaction closes, we plan to continue running the Onavo mobile utility apps as a standalone brand. As always, we remain committed to the privacy of people who use our application and that commitment will not change.

We are incredibly proud of the talented team we have assembled, and, recognizing this, Onavo’s Tel-Aviv office will remain open for business and will become Facebook’s new Israeli office.

We’ll continue to advance the work we are doing in collaboration with Facebook’s great team. Thank you to everyone who has joined us on this journey. We’d like to extend a special thanks to our investors, who believed in us and in our vision from the early days. We’re excited for what’s next.

Guy Rosen, Co-Founder & CEORoi Tiger, Co-Founder & CTO

My Achievements - Hall Of Fames, Bounties And Swags !

I Am So Lucky that GOD Gave Me ability to find Vulnerabilities On Almost All Big And Highly Secured (So Called) Giants Of  IT Field. It includes:

Facebook, Google, Twitter, Apple, Microsoft, Adobe, Blackberry, Nokia, Symantec, Yahoo, Friendster, GoDaddy, Avira,  Avast, Ifixit, Android, Barracuda, MailChimp, LinkedIn etc and list goes On. 

Following are the Companies who have responsible disclosure policy listed my name on their Hall Of Fame Page for finding Security Vulnerabilities On their Sites. 

Got 5000 $$ from PayPal and Acknowledgement As Security Researcher.

 
Got 500 $$ from Facebook and Acknowledgement As Security Researcher.

Got 300 $$ from Meraki and Acknowledgement As Security Researcher.

1) My first International Acknowledgement. Recognized by Microsoft as a Security Researcher. link

2) Got listed in Adobe Security Researcher Acknowledgement Page for 1st time. link

3) Acknowledge from ifixit. Got listed in ifixit responsible disclosure Page for 2012. link

4) Once again Got listed in ifixit responsible disclosure Page - This time for year 2013. link

5) Listed in Adobe Security Researcher Acknowledgement Page for 2nd time and thus become the 1st Person Over the Globe to be Acknowledged by Adobe twice. link

6) Listed in Owncloud Security acknowledgement page. link

7) Listed in Red Hat Vulnerability Acknowledgements Page. link

8) Got Listed in Zendesk Vulnerability Acknowledge page with all my Leet Friends. link

9) Got listed in ConstantContact Hall Of Fame. link

10) Listed in Apple Hall Of Fame for reporting cross-site scripting Vulnerability. link

11) No Offense.. Listed in Apple Hall Of Fame for the second time in a Week. link

12) Listed in Nokia Hall Of Fame for first Time. link

13) Finally, I am In Google Hall Of Fame. link

14) Listed in Bugcrowd Contributors List with all My friends. 

15) Got Listed In Blackberry Hall Of Fame. :) link 

16) Finally Got My White Hat Hacker Badge On My Freelancer Account. Feeling Special :) <3 link

17) Listed in Google Hall Of Fame for Second Time :) :) Feeling Happy :) link

18) Listed in Microsoft Hall Of Fame for Second Time :) link

19) Listed in Sprout Social Hall Of Fame. link

20) Listed in Android Hall Of Fame. link  

21) Listed in Acquia Hall Of Fame. link

22) Listed in MailChimp Security Response Page. link  

23) Listed in Blackberry Hall of Fame for second time. link

24) Listed in HackSecurity Special Thanks Page. link  

25) Listed in Adobe Hall Of Fame fro 3rd Time! Feeling Special :) link

26) Listed in Schuberg Philis Hall Of Fame. link

27) Listed in Barracuda Hall Of Fame. link

28) Listed in NetFlix Hall Of Fame. link

29) Listed in Facebook White-hat Page. link

30) Acknowledgement From Avira as a Security Researcher.  

31) Acknowledgement From Altassin as a Security Researcher And received Cool Swag .  

32) Listed in Google Hall Of Fame for third time :) link

33) Acknowledgement From Appentative as a Security Researcher And received Cool Swag.  

34) Listed in Google Hall Of fame for forth time :) link 

35) Acknowledgement From BugCrowd as a Security Researcher And received Cool Swag .  

36) Listed in Nokia Hall Of Fame for Second Time. link

37) Listed in Freelancer Hall Of Fame. link

38) Acknowledgement From PayPal as a Security Researcher And received Some Bounty. 

 Reach me at Facebook - https://www.facebook.com/heartstlear

Reach me at twitter - https://www.twitter.com/tush2388

Reach me at LinkedIn - http://www.linkedin.com/pub/tushar-kumbhare/69/8a7/9b8

Thanks.

Happy Hacking :)

List Of Bug Bounty Sites

   

       PRODUCTS AND SERVICES (REWARD OFFERED)

• Bugcrowd - https://portal.bugcrowd.com/sign_up/
• AT&T - http://developer.att.com/developer/apiDetailPage.jsp?passedItemId=10700235 (To submit you need to sign up to the free Developer API program)
• Avast! - http://www.avast.com/bug-bounty
• Barracuda - http://barracudalabs.com/?page_id=3456
• Chromium Project - http://www.chromium.org/Home/chromium-security/vulnerability-rewards-program
• Coinbase - https://coinbase.com/whitehat
• Cryptocat - https://crypto.cat/bughunt/
• Etsy - http://www.etsy.com/help/article/2463
• Facebook - http://www.facebook.com/whitehat/bounty/
• Gallery - http://codex.gallery2.org/Bounties
• Ghostscript - http://ghostscript.com/Bug_bounty_program.html (Mostly software development, occasional security issues)
• Google - http://www.google.com/about/company/rewardprogram.html
• Heroku - https://policy.heroku.com/security
• Hex-Rays - http://www.hex-rays.com/bugbounty.shtml
• Kraken - https://www.kraken.com/security/bug-bounty
• LaunchKey - https://launchkey.com/docs/whitehat
• Marktplaats - http://statisch.marktplaats.nl/help/responsible_disclosure_policy_en.html
• Mega.co.nz - http://thenextweb.com/insider/2013/02/01/kim-dotcom-puts-up-13500-bounty-for-first-person-to-break-megas-security-system/
• Meraki - http://www.meraki.com/trust/#srp
• Meta Calculator - http://www.meta-calculator.com/blog/bug-bounty-program/
• Microsoft - http://www.microsoft.com/security/msrc/report/bountyprograms.aspx
• Mozilla - http://www.mozilla.org/security/bug-bounty.html
• National Cyber ​​Security Center (Netherlands) - https://www.ncsc.nl/security
• Olark - http://www.olark.com/customer/portal/articles/1237352
• Paypal - https://www.paypal.com/us/webapps/mpp/security/reporting-security-issues
• PikaPay - https://www.pikapay.com/pikapay-security-policy/
• Piwik - http://piwik.org/security/
• Qiwi - https://www.qiwi.ru/page/hack.action
• Qmail - http://cr.yp.to/djbdns/guarantee.html
• Ricebridge - http://www.ricebridge.com/bugs.htm (Only available to customers)
• Ripple - https://ripple.com/bug-bounty/
• Samsung - https://samsungtvbounty.com/
• Simple - https://www.simple.com/policies/website-security/
• Tarsnap - https://www.tarsnap.com/bugbounty.html
• Yandex - http://company.yandex.com/security/index.xml
• Zerobrane - http://notebook.kulchenko.com/zerobrane/zerobrane-studio-bug-bounty

       PRODUCT AND SERVICES (HALL OF FAME + SWAG)

• Atlassian - https://confluence.atlassian.com/display/SUPPORT/How+to+Report+a+Security+Issue
• Attack Secure - http://attack-secure.com/whitehat/
• Engineyard - https://www.engineyard.com/legal/responsible-disclosure-policy
• Github - https://help.github.com/articles/responsible-disclosure-of-security-vulnerabilities
• ifixit - http://www.ifixit.com/Info/Responsible_Disclosure
• Paymill - https://www.paymill.com/en-gb/support-3/worth-knowing/security/
• Pinterest - http://about.pinterest.com/terms/responsible-disclosure/
• Schuberg Philis - http://www.schubergphilis.com/newsroom/library/downloads-policies/responsible-disclosure-policy/
• Soundcloud - http://help.soundcloud.com/customer/portal/articles/439715-responsible-disclosure
• Yahoo - http://security.yahoo.com/reporting-security-issues-yahoo-000000016.html

       PRODUCT AND SERVICES (HALL OF FAME ONLY)

• 37signals - https://37signals.com/security-response
• Acquia - https://www.acquia.com/how-report-security-issue
• ActiveProspect - http://activeprospect.com/activeprospect-security/
• Adobe - http://www.adobe.com/support/security/alertus.html
• Android Free Apps - http://www.androidfreeapp.net/security-researcher-acknowledgments/
• Apple - http://support.apple.com/kb/HT1318
• Base - https://getbase.com/security/
• Blackberry - http://us.blackberry.com/business/topics/security/incident-response-team/collaborations.html
• Braintree - https://www.braintreepayments.com/developers/disclosure
• Card - https://www.card.com/responsible-disclosure-policy
• Chargify - https://chargify.com/security/
• Constant Contact - http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp
• cPaperless - http://www.cpaperless.com/securitystatement.aspx
• Digital Ocean - https://www.digitalocean.com/security
• DiMartino Entertainment - http://moosikay.dimartinoentertainment.com/site/credits/
• Dropbox - https://www.dropbox.com/special_thanks
• eBay - http://pages.ebay.com/securitycenter/ResearchersAcknowledgement.html
• EVE - http://community.eveonline.com/devblog.asp?a=blog&nbid=2384
• Evernote - http://evernote.com/security/
• Foursquare - https://foursquare.com/about/security
• Freelancer - http://www.freelancer.com/info/vulnerability-submission.php
• Future Of Enforcement - http://futureofenforcement.com/?page_id=695
• Gitlab - http://blog.gitlab.com/responsible-disclosure-policy/
• Gittip - https://www.gittip.com/security.txt
• Gliph - https://gli.ph/s/security.html
• HakSecurity - http://haksecurity.com/special-thanks/
• Harmony - http://get.harmonyapp.com/security/
• Iconfinder - http://support.iconfinder.com/customer/portal/articles/1217282-responsible-disclosure-of-security-vulnerabilities
• Kaneva - http://docs.kaneva.com/mediawiki/index.php/Bug_Bounty
• Kayako - https://my.kayako.com/Knowledgebase/Article/View/853/0/security-vulnerability-fix-and-patch-policy
• lastpass - https://lastpass.com/support_security.php
• Mahara - https://wiki.mahara.org/index.php/Contributors#Security_Researchers
• MailChimp - http://mailchimp.com/about/security-response/
• Microsoft (Online Services) - http://technet.microsoft.com/en-us/security/cc308589
• Netflix - http://support.netflix.com/en/node/6657#gsc.tab=0
• Nitrous.IO - http://help.nitrous.io/admin-security-response/
• Nokia - http://www.nokia.com/global/security/acknowledgements/
• Nokia Siemens Networks - http://www.nokiasiemensnetworks.com/about-us/responsible-disclosure
• Norada - http://norada.com/crm-software/security_response
• Open Text - http://opentext.com/2/global/company/security-acknowledgements.htm
• Opera - https://bugs.opera.com/wizarddesktop/
• Oracle - http://oracle.com/technetwork/topics/security/securityfixlifecycle-086982.html
• Owncloud - http://owncloud.org/about/security/hall-of-fame/
• Pocket - http://help.getpocket.com/customer/portal/articles/1225832-pocket-security-overview
• Puppet Labs - https://puppetlabs.com/security/acknowledgments/
• RedHat - https://access.redhat.com/knowledge/articles/66234
• Risk.io - https://www.risk.io/security
• Security Net - http://www.securitynet.org/security-researcher-acknoledgments/
• Sellfy - https://sellfy.com/security/
• Shopify - https://www.shopify.com/security-response
• Sonatype - http://www.sonatype.com/contact/report-a-security-issue
• Spotify - https://www.spotify.com/us/about-us/contact/report-security-issues/
• Sprout Social - http://sproutsocial.com/responsible-disclosure-policy
• Telekom - http://www.telekom.com/corporate-responsibility/security/186450
• Thingomatic - http://thingomatic.org/security.html
• Tuenti - http://corporate.tuenti.com/en/dev/hall-of-fame
• Twilio - https://www.twilio.com/docs/security/disclosure
• Twitter - https://twitter.com/about/security
• WizeHive - http://www.wizehive.com/special_thanks.html
• Xmarks - https://buy.xmarks.com/security.php
• Zendesk - http://www.zendesk.com/company/responsible-disclosure-policy
• Zynga - http://company.zynga.com/security/whitehats

      PRODUCTS AND SERVICES (NO REWARD)

• Airbnb - https://www.airbnb.com/help/policies/responsible_disclosure#responsible_disclosure_policy
• Amazon.com - (please email details to security@amazon.com)
• Amazon Web Services - http://aws.amazon.com/security/vulnerability-reporting
• Apriva - http://www.apriva.com/security
• Asana - https://asana.com/security
• Authy - https://www.authy.com/security-issue
• Avira - http://www.avira.com/en/support-vulnerability
• Blackboard - http://www.blackboard.com/footer/security-policy.aspx
• Box - https://www.box.com/about-us/security/
• Cisco - http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html#roosfassv
• Cloudnetz - http://cloudnetz.com/Legal/vulnerability-testing-policy.html
• Coupa - http://trust.coupa.com/home/security/coupa-vulnerability-reporting-policy
• Drupal - https://drupal.org/security-team
• EMC² - http://www.emc.com/contact-us/contact/product-security-response-center.htm
• Emptrust - http://www.emptrust.com/Security.aspx
• HoneyDocs - https://www.honeydocs.com/bounty (Reward: Free HoneyDocs plan)
• HTC - http://www.htc.com/us/terms/product-security/
• Huawei - http://www.huawei.com/en/security/psirt/report-vulnerabilities/index.htm
• IBM - http://www-03.ibm.com/security/secure-engineering/report.html
• KPN - http://www.kpn.com/Privacy.htm#tabcontent3
• Lievensberg Hospital - http://www.lievensbergziekenhuis.nl/paginas/141-disclaimer.html
• LinkedIn - http://help.linkedin.com/app/answers/detail/a_id/37022
• Lookout - https://www.lookout.com/responsible-disclosure
• Millsap Independent School District - http://www.millsapisd.net/BugReport.cfm
• Modus CSR - http://www.moduscsr.com/security_statement.php
• PagerDuty - http://www.pagerduty.com/security/disclosure/
• Panzura - http://panzura.com/support/panzura-security-policy/
• Pidgin - http://pidgin.im/security/
• Plone - http://plone.org/products/plone/security/advisories
• Pop Group - http://www.popgroupglobal.com/security.php
• Reddit - http://code.reddit.com/wiki/help/whitehat
• Relaso - http://relaso.com/disclosure
• Salesforce - http://www.salesforce.com/company/privacy/security.jsp#vulnerability
• Scorpion Software - http://www.scorpionsoft.com/company/disclosurepolicy/
• Simplify - http://simplify-llc.com/simplify-security.html
• Skoodat - http://www.skoodat.com/security
• Square - https://squareup.com/security/levels
• Symantec - http://www.symantec.com/security/
• Team Unify - http://www.teamunify.com/__corp__/security.php
• Tele2 - http://www.tele2.nl/klantenservice/veiligheid/tele2-en-veiligheid.html
• UPC - http://www.upc.nl/internet/veilig_internet/beveiligingsproblemen/
• Viadeo - http://www.viadeo.com/aide/security/
• Vodafone (Netherlands) - http://over.vodafone.nl/vodafone-nederland/privacy-veiligheid/beveiliging-en-bescherming/wat-doet-vodafone/meld-een-beveilig
• VSR - http://www.vsecurity.com/company/disclosure
• X.commerce - http://www.x.com/security
• Xen - http://www.xen.org/projects/security_vulnerability_process.html
• Ziggo - https://www.ziggo.nl/#klantenservice/internet/risicos-op-internet/meldpunt-beveiligingslekken

      BROKERS AND SECURITY COMPANIES

• Beyond Security - http://www.beyondsecurity.com/ssd.html
• COSINC - http://www.coseinc.com/en/index.php?rt=advisory
• Exodus Intelligence - https://www.exodusintel.com/eip/
• ExploitHub - https://www.exploithub.com/request/index/developmentrequests/
• HP Zero-Day Initiative (ZDI) - http://www.zerodayinitiative.com/about/benefits/
• iDefense - https://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/vulnerability-intelligence/index.xhtml
• Insight Partners - https://gvp.isightpartners.com/program_details.gvp?page=3&title=1&section=0
• Netragard - http://pentest.snosoft.com/netragards-eap/
• Packet Storm - http://packetstormsecurity.com/bugbounty
• Secunia - http://secunia.com/community/research/svcrp
• White Fir Design - https://www.whitefirdesign.com/about/wordpress-security-bug-bounty-program.html