Google will now pay you when you find security bugs in its open source projects

0

 Google will now pay you when you find security bugs in its open source projects 

Google will now pay you when you find security bugs in its open source projects


Google is generous when it comes to paying out security researchers who find bugs and vulnerabilities in its products. After all, it’s better to spend that money on mitigating problems rather than fixing them after a hack or attack has happened. Now Google is expanding its Vulnerability Rewards Program (VRP) to its open-source projects. As announced today, researchers can now submit bugs and vulnerabilities they find that can impact Google’s entire open-source ecosystem and get rewarded.

Google says that it has started this program due to hackers increasingly seeing open-source software used by companies as attack vendors. The company cites a study that has seen a 650% increase of attacks targeting open-source supply chains in 2021 compared to 2020. To make sure Google is less likely to be hit, it’s making its open-source projects part of its VRP. The program is then supposed to focus on:

The highest prices will be paid out in Google’s most high-profile and sensitive projects, including Fuchsia, a new OS that is now powering some of the company’s excellent Assistant smart displays. Rewards will range from USD100 to USD31,337 depending on how severe an attack can potentially be.

If you’re interested in helping out Google, you need to be aware of the rules posted to the company’s Bug Hunters website. There are technical details on which vulnerabilities are eligible in the first place.

Google’s VRP is an integral part of the company’s security efforts. Over the years, the company has increased the total amount of money it spends on paying researchers, and it has last paid out USD8.7 million in 2021. The bug program has been in existence for eleven years now.


( Details and picture courtesy from Source, the content is auto-generated from RSS feed.)

Join our official telegram channel for free latest updates and follow us on Google News here.

Post a Comment

0 Comments
* Please Don't Spam Here. All the Comments are Reviewed by Admin.
Post a Comment (0)

buttons=(Accept !) days=(20)

Our website uses cookies to enhance your experience. Learn More
Accept !
To Top