Date:13/02/19
To close out the week that Google spun out of Safer Internet Day, the company summarized the progress of its Vulnerability Reward Program in 2018. In total, $3.4 million in rewards were issued last year to 317 security researchers from around the world.
The Google Vulnerability Reward Program has paid out $15 million since launching in 2010. Last year, half of the $3.4 million went towards Android and Chrome, the company’s most user-facing platforms.
The goal of the program is simple: encourage researchers to report issues so that we can fix them quickly and keep users’ data secure. We also provide financial rewards for bug reporters, ranging from $100 to $200,000, based on the risk level of their discovery.
There were 1,319 individual rewards to 317 paid researchers in 78 countries. The biggest single reward was to the tune of $41,000, while $181,000 in total was donated to charity. Google goes on to name a few of the researchers in its yearly recap:
“Thanks to researchers from all around the world, we’ve been able to patch all different types of bugs. Ezequiel Pereira, a 19-year-old researcher from Uruguay, uncovered a Remote Code Execution “RCE” bug that allowed him to gain remote access to our Google Cloud Platform console. Tomasz Bojarski from Poland discovered a bug related to Cross-site scripting (XSS), a type of security bug that can allow an attacker to change the behavior or appearance of a website, steal private data or perform actions on behalf of someone else. Tomasz was last year’s top bug hunter and used his reward money to open a lodge and restaurant. After Dzmitry Lukyanenka, a researcher from Minsk, Belarus, lost his job, he began bug-hunting full-time and became part of our VRP grants program, which provides financial support for prolific bug-hunters over time.”
Google Paid Out $3.4 Million In Vulnerability Rewards During 2018
To close out the week that Google spun out of Safer Internet Day, the company summarized the progress of its Vulnerability Reward Program in 2018. In total, $3.4 million in rewards were issued last year to 317 security researchers from around the world.The Google Vulnerability Reward Program has paid out $15 million since launching in 2010. Last year, half of the $3.4 million went towards Android and Chrome, the company’s most user-facing platforms.
The goal of the program is simple: encourage researchers to report issues so that we can fix them quickly and keep users’ data secure. We also provide financial rewards for bug reporters, ranging from $100 to $200,000, based on the risk level of their discovery.
There were 1,319 individual rewards to 317 paid researchers in 78 countries. The biggest single reward was to the tune of $41,000, while $181,000 in total was donated to charity. Google goes on to name a few of the researchers in its yearly recap:
“Thanks to researchers from all around the world, we’ve been able to patch all different types of bugs. Ezequiel Pereira, a 19-year-old researcher from Uruguay, uncovered a Remote Code Execution “RCE” bug that allowed him to gain remote access to our Google Cloud Platform console. Tomasz Bojarski from Poland discovered a bug related to Cross-site scripting (XSS), a type of security bug that can allow an attacker to change the behavior or appearance of a website, steal private data or perform actions on behalf of someone else. Tomasz was last year’s top bug hunter and used his reward money to open a lodge and restaurant. After Dzmitry Lukyanenka, a researcher from Minsk, Belarus, lost his job, he began bug-hunting full-time and became part of our VRP grants program, which provides financial support for prolific bug-hunters over time.”
Views: 378
©ictnews.az. All rights reserved.
Similar news
- Azerbaijani project to monitor disease via mobile phones
- Innovative educational system to be improved under presidential decree
- NTRC prolongs license of two TV and radio organizations for 6 years
- Azerbaijan establishes e-registry for medicines
- Azerbaijani museum introduces e-guide
- Nar Mobile opens “Nar Dunyasi” sales and service center in Siyazan city
- International conference on custom electronic services held in Baku
- OIC secretary general to attend COMSTECH meeting in Baku
- Azerbaijan develops earthquake warning system
- New law to regulate transition to digital broadcasting in Azerbaijan
- Azerbaijani State Social Protection Fund introduces electronic digital signature
- Intellectual traffic management system in Baku to be commissioned in December
- Tax Ministry of Azerbaijan started receiving video-addresses
- World Bank recommends Azerbaijan to speed up e-service introduction in real estate
- Azerbaijan to shift to electronic registration of real estate
