Google's Chromium and Google Web Vulnerability Reward Program have rewarded - and fixed - more than 2,000 security vulnerabilities since launching three years ago. In that time, the search giant has paid out more than $2 million collectively to security researchers around the globe.
Google isn't resting on their laurels, however, as they also announced they will be raising the Chromium reward levels significantly moving forward. The plan is to issue higher rewards for bugs they believe present a more significant threat to user safety. Additionally, Google will pay out more when a researcher provides an accurate analysis of exploitability and severity.
In many cases, this will result in a bounty that's five times the current rate. For example, bugs previously rewarded at the $1,000 level will now be considered for a payout of up to $5,000. These payouts would be in addition to previously announced bonuses for tasks like finding an issue in open source software or providing a patch.
In a blog post on the subject, Google said the creativity of the security community has surpassed all expectations while at the same time making Chrome even safer for hundreds of millions of users. If you recall, the search giant issued similar increases under the Google Web program back in June.
Security researchers interested in the program are urged to familiarize themselves with documentation on how to report a bug as well as how to determine higher reward eligibility.