Google is one of several large companies that pay security researchers big bucks to find and (privately) disclose vulnerabilities in its software. Last year alone, the search giant paid out more than $2 million to help make its products safer to use.
Now, the Mountain View-based technology giant has announced two new changes that further incentivize researchers to participate in its Chrome Reward Program.
In a post on the Google Security Blog, Chrome Defender Nathan Park and Tim Willis, Hacker Philanthropist, remind us that Google last year introduced a $50,000 reward for the persistent compromise of a Chromebook in guest mode. To date, they haven’t had a single successful submission so they’re raising the stakes by doubling the reward payout to $100,000.
Elsewhere, the duo said Google is extending its reward program scope to include rewards for methods that bypass Chrome’s Safe Browsing download protection features. This new category offers up to $15,000 for a high-quality report accompanying a functional exploit. More details on the new category can be found by clicking here.
As mentioned, Google is just one of many technology companies that offer cash and other incentives in exchange for pointing out vulnerabilities. Microsoft added more perks and eligible software to its program last year while United Airlines rolled out a program that rewards researchers with airline miles. The Tor Project said late last year that it plans to launch its own bug bounty program sometime in 2016.
By: Shawn Knight