- Advertisement -Newspaper WordPress Theme

Top 5 This Week

spot_img

Related Posts

Google’s $10 Million Bounty: Rewarding Security Research

In a significant display of commitment to cybersecurity, Google disbursed $10 million in rewards to researchers and white-hat hackers in 2023 through its global bug bounty program. This payout, though $2 million less than in 2022, underscores Google’s ongoing dedication to harnessing the cybersecurity community’s expertise in safeguarding its services and projects, including Chrome, Android, Google Play, and open-source software.

Google vs. The Competition

While Google’s 2023 bug bounty payouts may have seen a slight decrease, they remain a substantial investment in security. In comparison, Yandex, a major competitor, paid out $770,000 in bug bounties in 2023, illustrating the scale of Google’s commitment.

Record Rewards and Global Participation

The highest bounty awarded by Google for a single vulnerability report in 2023 was an impressive $113,337. In total, 632 white-hat hackers from 68 countries received payouts, demonstrating the global reach and impact of Google’s security efforts.

A Decade of Dedication to Security

Since the inception of its bug bounty program in 2010, Google has awarded $59 million to security researchers from 84 countries for reporting over 15,000 vulnerabilities. This milestone highlights the program’s success in fostering a safer internet ecosystem.

Android and Chrome: Top Targets for Research

In 2023, Google paid over $3.4 million for vulnerabilities discovered in Android, emphasizing the operating system’s critical importance. Chrome also proved to be a major focus, with 359 security bug reports leading to $2.1 million in rewards. Additionally, significant payouts were related to vulnerabilities in cloud AI products, such as Google Cloud and the Google Gemini chatbot (Bard).

Expanding the Scope of Security Research

Google continued its Mobile VRP to identify vulnerabilities in third-party Android apps and launched the Bughunters blog, a platform for white-hat hackers to share ideas and security practices. The company also organized various cybersecurity conferences, offering both online and offline events, workshops, and hackathons.

Supporting Security Research with Grants

In a further commitment to supporting the cybersecurity community, Google allocated over $200,000 in grants to security researchers last year. The company also accepted reports through the invite-only Android Chipset Security Reward Program (ACSRP), partnering with Android chipset developers to enhance device security.

Popular Articles