Last Updated: March 14, 2024, 12:17 IST
Google paid tens of millions to researchers as part of the bounty program in 2023
Google’s bounty program rewards researchers who not solely report bugs but additionally helps the corporate repair any main safety lapses.
Just like all main tech corporations, Google additionally affords a bug bounty program, whereby it pays its safety researchers to search out vulnerabilities in its services and products. On Tuesday, the tech large in its weblog revealed that final yr it paid a staggering $10 million to greater than 600 researchers in 68 nations.
Google acknowledged, “Last year, we again witnessed the power of community-driven security efforts as researchers from around the world contributed to help us identify and address thousands of vulnerabilities in our products and services. Working with our dedicated bug hunter community, we awarded $10 million to our 600+ researchers based in 68 countries.”
The weblog revealed that in a bid to assist their engagement with the highest safety researchers, Google additionally hosted their “yearly security conference ESCAL8 in Tokyo.” While sharing their “2023 Year in Review statistics across” all the applications, Google additionally expressed gratitude in the direction of all devoted researchers. It acknowledged, “We would like to give a special thank you to all of our dedicated researchers for their continued work with our programs – we look forward to more collaboration in the future!”
Continuing additional, the weblog submit claimed that the $10 million bounty was distributed amongst 632 researchers throughout 68 nations. Without disclosing the particular recipient or the precise bug they unearthed, Google famous that whereas the collective sum was shared generously, the best particular person reward was $113,337.
Google additionally revealed that the researcher who discovered main flaws in Android bagged over $3.4 million, whereas the one who detected vital vulnerabilities was rewarded with $15,000. The weblog added, “We awarded over $3.4 million in rewards to researchers who uncovered remarkable vulnerabilities within Android and increased our maximum reward amount to $15,000 for critical vulnerabilities.”
Google continued, “Working closely with top researchers at the ESCAL8 conference, we also hosted a live hacking event for Wear OS and Android Automotive OS which resulted in a $70,000 reward to researchers for finding over 20 critical vulnerabilities.
During its I/O conference, Google engaged with top hardware security researchers who discovered more than “50 vulnerabilities in Nest, Fitbit, and Wearables, and received a total of $116,000 last year!” It can be value noting {that a} complete of 359 distinctive safety bugs in Chrome Browser have been reported by researchers, which “resulted in $2.1M in rewards.”
