Google has raised the top cash payouts it will grant researchers for reporting zero-day vulnerabilities in its applications and services to $20,000.
The company said that it would now be issuing the payments for reports of unpatched flaws in Google products that could potentially allow an attacker to remotely execute code on a targeted system.
Additionally, Google said it would be offering bounties of $10,000 for reports of SQL injection flaws, a commonly targeted vulnerability for attacks on databases and servers. Cross-site scripting flaws will be eligible for payouts of up to $3,133.7.
The company noted that the amount of the payout will vary not only by the nature of the flaw but also by the scope and popularity of the vulnerable component.
Google security team members Adam Mein and Michal Zalewsky said in a blog post that the higher rewards are being offered in part to recognise the success of the company's vulnerability payment programme.
First introduced in 2010 as a means for encouraging responsible disclosure, the programme allowed researchers to receive payments from the company in exchange for directly and privately reporting unpatched security flaws in the Chrome browser and other Google platforms.
The programme has helped to make Chrome one of the most secure browsers on the market and has inspired Google to stage high-profile hacking competitions of its own.
"Last year, Google expanded the payment systems to cover its other products and services as well," Mein and Zalewsky wrote.
"In just over a year, the programme paid out around $460,000 to roughly 200 individuals. We’re confident beyond any doubt the programme has made Google users safer."
We sacrificed our weekend to try out the new Vikendi map coming to PUBG - and rather liked it
12 of the 32 stars observed feature rings and gaps that are usually carved by planets in the process of formation
The experiment is currently underway at South Korea's Yangyang Underground Laboratory
Exoplanet HAT-P-11b is located about 124 light years from Earth