In 2023, Google paid $10 million to ethical hackers involved in its vulnerability reward program. Through this initiative, the tech giant encourages cybersecurity research into the vulnerability of its various products. The company disclosed this information in a blog.
What the Program Engages and Its Impact
A total of 632 cybersecurity researchers from 68 countries benefited from Google’s payouts in 2023. They focused on detecting vulnerabilities in various company products, including Android and Wear OS operating systems. The highest single payout for a vulnerability report was $113,337. Since the inception of the program in 2010, Google has paid out a total of $59 million to researchers.
Expansion of Google’s Vulnerability Search Program
In the past year, Google broadened its vulnerability search program, including neural-network-based services such as Gemini. The year saw the detection of 35 bugs in this segment, with total bounties amounting to $87,000. The payout sum for detected vulnerabilities in Android and Google hardware products was $3.4 million.
Brief on Detected Errors and Bounty Payouts
Bugs discovered in Wear OS and Android Automotive yielded $70,000 for researchers. The Chrome browser surfaced 359 vulnerabilities, leading to approximately $2.1 million in payouts to researchers. Further detailed reportage on this issue can be found in the Google blog.
This post was last modified on 03/14/2024