Google has raised the top cash payouts it will grant researchers for reporting zero-day vulnerabilities in its applications and services to $20,000.
The company said that it would now be issuing the payments for reports of unpatched flaws in Google products that could potentially allow an attacker to remotely execute code on a targeted system.
Additionally, Google said it would be offering bounties of $10,000 for reports of SQL injection flaws, a commonly targeted vulnerability for attacks on databases and servers. Cross-site scripting flaws will be eligible for payouts of up to $3,133.7.
The company noted that the amount of the payout will vary not only by the nature of the flaw but also by the scope and popularity of the vulnerable component.
Google security team members Adam Mein and Michal Zalewsky said in a blog post that the higher rewards are being offered in part to recognise the success of the company's vulnerability payment programme.
First introduced in 2010 as a means for encouraging responsible disclosure, the programme allowed researchers to receive payments from the company in exchange for directly and privately reporting unpatched security flaws in the Chrome browser and other Google platforms.
The programme has helped to make Chrome one of the most secure browsers on the market and has inspired Google to stage high-profile hacking competitions of its own.
"Last year, Google expanded the payment systems to cover its other products and services as well," Mein and Zalewsky wrote.
"In just over a year, the programme paid out around $460,000 to roughly 200 individuals. We’re confident beyond any doubt the programme has made Google users safer."
Dust storm on Titan only the third Solar System body where such storms have been observed
New technique could enable quantum computers to scale-up to millions of qubits
Systrom and Krieger taking time off "to explore our curiosity and creativity"
Comcast's £29.7bn winning bid more than twice the £13.7bn Rupert Murdoch valued Sky at just eight years ago