Social networking giant Facebook paid out more than $1.5 million to security researchers who helped it find and fix software bugs and security vulnerabilities in its software code, the company said in a post on Thursday. The company runs a bug bounty program under which security researchers and others can submit vulnerabilities they find. During 2013, Facebook said it received nearly 15,000 submissions, of which 687 were severe enough to warrant payments. The average reward per bug reported was $2,204. Most were found in what Facebook calls “non-core” properties, mainly sites belonging to companies it has acquired. Most issues reported end up not being considered valid, but each is considered important until it has been reviewed, Collin Greene, a Facebook security engineer, wrote.