(MENAFN - NewsBytes)

Google rewards $2.9 million under its Bug Bounty Program
10 Feb 2018

Google has announced on its official Security Blog that the company paid out $2.9 million to security researchers in 2017 under its Bug Bounty Program.

The program rewards users for informing Google about any kind of a flaw or vulnerability in the company's products and services.

The Bug Bounty Program covers various Google products, Chrome, Android, and even the Play Store.

The largest single reward amounted to $112,500
Details

The largest single reward under the program last year amounted to $112,500, as compared to $100,000 in 2016.

It was won by a security researcher named Guang Gong, who found a sophisticated bug in Chrome on Google's Pixel phones.

Another researcher named 'gzobqq' who identified security vulnerabilities in Google Chrome's guest mode received a reward of $100,000.

Bug Bounty rewards depend on the type of bug found
Bug Bounty

Rewards under Google's Bug Bounty Program can vary from $500 to $100,000 or more depending on the type of bug.

Some sub-categories in the program include the Vulnerability Research Grants Program and the Patch Rewards Program.

"We're also introducing a new category that includes vulnerabilities that could result in the theft of users' private data. We'll award $1,000 for these bugs," Google said.

Bug bounty programs help companies quickly learn about product flaws
Background

Bug bounty programs provide companies with a chance to learn about the flaws in their products and patch the holes in a quick manner.

Incentivizing people to find bugs is also a smart way to ensure that vulnerabilities are not exploited.

Other big companies that run bug bounty programs include Facebook, GM, Airbnb, Mastercard and even the Pentagon.

MENAFN301002201800490000ID1096407529