All the latest UK technology news, reviews and analysis


Google ups top security bug reward to $5,000

13 Aug 2013
google-money-bags

Google has increased the maximum reward available to researchers participating in its Chromium and Google Web Vulnerability Reward Programs (VRPs) to $5,000 and revealed it has issued over $2m worth of payments to bug hunters.

Google's Chrome security head Chris Evans and security program manager Adam Mein revealed the news in a blog posting, confirming that the company has received 2,000 threat reports from independent researchers since launching the bug bounty programs in 2010. The Google masters said to celebrate the programs' success Google will increase the maximum reward available for finding bugs to $5,000.

"Today we're delighted to announce we've now paid out in excess of $2,000,000 across Google's security reward initiatives. Broken down, this total includes more than $1,000,000 for the Chromium VRP and Pwnium rewards, and in excess of $1,000,000 for the Google Web VRP rewards," they wrote.

"Today, the Chromium program is raising reward levels significantly. In a nutshell, bugs previously rewarded at the $1,000 level will now be considered for reward at up to $5,000. In many cases, this will be a five-times increase in reward level."

The two added the company will continue to issue even higher payments on a case-by-case basis.

"We'll issue higher rewards for bugs we believe present a more significant threat to user safety, and when the researcher provides an accurate analysis of exploitability and severity. We will continue to pay previously announced bonuses on top, such as those for providing a patch or finding an issue in a critical piece of open-source software," they wrote.

Google is one of many tech companies to offer researchers monetary rewards for spotting security flaws in their products. Facebook issued a massive $20,000 to a security researcher for spotting a critical flaw leaving its users open to attack by hackers. Security news aggregator Packet Storm also runs an ongoing bug bounty program, which offers up to $7,000 for working exploits.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

Windows 7 end of mainstream support

What are your plans for when Microsoft ends mainstream support for Windows 7 in January 2015?
9%
9%
3%
66%
13%

Popular Threads

Powered by Disqus
LG G3 in gold black and white

LG G3 vs Galaxy S5 video

We pit the two Korean firms' flagship smartphones against each other

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Facilities Management Service Manager, NHS, to £67k, South Mids

Facilities Management Service Manager, NHS, to £67k...

Front End Developer - UI Developer - £35K-£45K - BEDFORD - UX

Front End Developer - UI Developer - £35K-£45K - BEDFORD...

Network Analyst

Are you a Network Engineer who can simplify the most...

Senior Front End Developer

The successful candidate will work on the development...
To send to more than one email address, simply separate each address with a comma.