Google increases Chromium bounty reward levels

By on August 14, 2013, 8:00 AM
google, chromium, bounty, patches, security fixes, bugs, rewards, google web vulnerability reward program

Google’s Chromium and Google Web Vulnerability Reward Program have rewarded – and fixed – more than 2,000 security vulnerabilities since launching three years ago. In that time, the search giant has paid out more than $2 million collectively to security researchers around the globe.

Google isn’t resting on their laurels, however, as they also announced they will be raising the Chromium reward levels significantly moving forward. The plan is to issue higher rewards for bugs they believe present a more significant threat to user safety. Additionally, Google will pay out more when a researcher provides an accurate analysis of exploitability and severity.

In many cases, this will result in a bounty that’s five times the current rate. For example, bugs previously rewarded at the $1,000 level will now be considered for a payout of up to $5,000. These payouts would be in addition to previously announced bonuses for tasks like finding an issue in open source software or providing a patch.

In a blog post on the subject, Google said the creativity of the security community has surpassed all expectations while at the same time making Chrome even safer for hundreds of millions of users. If you recall, the search giant issued similar increases under the Google Web program back in June.

Security researchers interested in the program are urged to familiarize themselves with documentation on how to report a bug as well as how to determine higher reward eligibility.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.