Sunday, January 29, 2023

Google Boosts Web Bug Bounties to $20,000

Computerworld: Google has raised the top payout for its Vulnerability Reward Program (VNP) from $3,133 to $20,000. The company will pay the bounties to security researchers who discover bugs that allow remote code execution against, and other core domains or against “highly sensitive services” such as Google Wallet, Gmail and Google Play. The company will pay $10,000 to researchers who find SQL injection bugs or “significant” authentication bypass or data leak vulnerabilities. Other bugs merit payments between $100 and $3,133, depending on how critical they are.

To date, VRP has paid out $460,000 to approximately 200 researchers who made 780 bug reports. “We’re confident beyond any doubt the program has made Google users safer,” the company blogged.

Similar articles

Latest Articles