Google launched its bug bounty program more than ten years ago now, and it's safe to say it's been a big success. Last year alone, the company paid out a whopping $6.7 million to independent researchers who discovered issues with its products. As it heads into its second decade, Google's Vulnerability Rewards Program (or VRP) has shared some details surrounding its accomplishments, along with a major reinvention of the entire platform. Read More
Google, like many big tech companies, runs a bug bounty program that allows independent researchers (and anyone, really) to spot issues, submit details, and get some money for their trouble. Google even publishes its numbers yearly as proof for the cash being doled out, and the company just published its 2020 numbers. Read More
Last year, Google seriously stepped up the payouts and categories for its bug bounty programs, and that investment appears to be paying dividends — not just for Google, but for security researchers, too. The company is currently celebrating its most prolific payouts ever for the Vulnerability Reward Program (read: Google's bug bounty), handing out over $6.5 million in rewards. Google claims this is twice as much as the company has ever given out in a previous year — not quite true according to 2018's numbers. Read More
Elite hackers aren't the only thing Google has to worry about when it comes to its platforms. Perhaps just as pernicious are simple abuses of its systems and products — often stumbled upon by an average person with too much time on their hands. For instance, finding ways to purchase items from Google without paying, or getting around restrictions on content use and sharing. It's these issues that the Mountain View tech giant is aiming to uncover by officially expanding its Vulnerability Reward Program to include reports on techniques to successfully bypass its abuse, fraud and spam systems. Read More
2017 was a big year for security research in technology, just as it is every year. With the much publicised 'Meltdown' and 'Spectre' CPU vulnerabilities and countless other lesser-known security bugs, researchers had their work cut out uncovering these flaws before anyone with more nefarious intentions could.
Google does its bit to compensate the research community for their hard work in keeping its users protected. In a recent blog post, the company released some numbers for the 2017 Vulnerability Rewards Program while also paying tribute to the dedicated researchers. Google paid out a total of $2.9 million as part of the program, to individuals and teams in 60 different countries. Read More