As a Bug Bounty Program, Google paid $6.5 Million in Bug Bounties in 2019 alone as part of its "Vulnerability Reward Programs".
Technology giant Google handed out a record amount of $6.5 million bug bounty prize money in 2019 as part of its "Vulnerability Reward Programs".
Google's Bug Bounty Program: 2019
In an Official Announcement, The company announced that it has paid out $6.5 million to different security researchers- that’s near twice the amount of Google paid for bug bounties in 2018 which amounted to a total of $3.4 million in the past year alone in its bug bounty program called the ‘Google Vulnerability Reward Program’.
In an official blog post, Google has shared four interesting stories about its bug bounty rewards from 2019.
#1. Chrome’s VRP increased its reward payouts by tripling the maximum baseline reward amount from $5,000 to $15,000 and doubling the maximum reward amount for high quality reports from $15,000 to $30,000.
#2. Android Security Rewards expanded its program with new exploit categories and higher rewards. The top prize is now $1 million for a full chain remote code execution exploit with persistence which compromises the Titan M secure element on Pixel devices. And if you achieve that exploit on specific developer preview versions of Android, we’re adding in a 50% bonus, making the top prize $1.5 million.
#3. The Google Play Security Reward Program expanded scope to any app with over 100 million installs, resulting in over $650,000 in rewards in the second half of 2019.
#4. The Developer Data Protection Reward Program was launched in 2019 to identify and mitigate data abuse issues in Android apps, OAuth projects, and Chrome extensions.Moreover, Google also announced on its ‘Google Vulnerability Reward Program’ that,
- #1) Google's Android bug bounty program will now pay out $1.5 million.
- #2) Google will now pay up to $30,000 for reporting a Chrome bug.
- #3) Google tests fix for Chrome bug that disabled some Android apps
COMMENTS