Google Boosts Web Bug Bounties to $20,000

The Vulnerability Reward Program will pay the most for bugs that allow remote code execution on Google's core sites and services.

Computerworld: Google has raised the top payout for its Vulnerability Reward Program (VNP) from $3,133 to $20,000. The company will pay the bounties to security researchers who discover bugs that allow remote code execution against google.com, youtube.com and other core domains or against "highly sensitive services" such as Google Wallet, Gmail and Google Play. The company will pay $10,000 to researchers who find SQL injection bugs or "significant" authentication bypass or data leak vulnerabilities. Other bugs merit payments between $100 and $3,133, depending on how critical they are.

To date, VRP has paid out $460,000 to approximately 200 researchers who made 780 bug reports. "We're confident beyond any doubt the program has made Google users safer," the company blogged.

Tags: Google, security vulnerabilities, bounty

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.