Aug 31, 2022

Google will pay up to $31,000 to those who find vulnerabilities in its open source software

Posted by in category: cybercrime/malcode

Google has launched its new Vulnerability Bounty Program for its open source software. The company will pay up to more than US$31,000 as an incentive to those who find bugs in its ecosystem and report them.

“Today we are launching the Open Source Software Vulnerability Rewards Program (OSS VRP) to reward vulnerability discoveries in Google’s open source projects. As responsible for major projects like Golang, Angular and Fuchsia, Google is among the largest contributors and users of open source in the world. With the addition of Google’s OSS VRP to our family of Vulnerability Bounty Programs (VRPs), researchers can now be rewarded for finding bugs that could potentially affect the entire open source ecosystem,” said Francis Perron, program manager. open source security technician, and Krzysztof Kotowicz, information security engineer, in a statement from Google.

Reward amounts range up to more than $31,000. Depending on the severity of the vulnerability and the importance of the project, the rewards will range from US$100 to US$31,337. The largest amounts will also go towards unusual or particularly interesting vulnerabilities, so creativity is encouraged.

Comments are closed.