Vulnerability Management

Google ups rewards for bug bounty program

Share

Google has decided to increase the rewards of its bug bounty program significantly, according to a recent blog post by members of the tech giant's security team.

Any cross-site scripting (XSS) flaws found in accounts.google.com are now worth $7,500 (previously $3,133.70), and now any Gmail and Google Wallet bugs will fetch up to $5,000, up from $1,337. For any information regarding significant authentication bypasses/information leaks, the top reward has increased from $5,000 to $7,500.

Remote code execution vulnerabilities and SQL injection flaws still offer the biggest reward in Google's bug bounty program.

According to the blog post by Adam Mein and Michal Zalewski, members of Google's security team, the company's vulnerability reward program has paid $828,000 to more than 250 individuals.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.