Google to offer up to 20K prize for bug finds

Share this article:
Google has significantly increased its finder's fee for vulnerability researchers. The web giant announced Monday that it is now offering $20,000 for bugs that could permit code execution on its production systems; $10,000 for flaws that can lead to issues like SQL injection, information disclosure and authorization bypass; and up to $3,133.70 for identifying cross-site scripting and cross-site request forgery weaknesses in applications. For less critical vulnerabilities, researchers will be paid based on the level of risk to users. Google's bug bounty program formally was launched roughly two years ago and rewards individuals who find security defects in Chrome, Google, YouTube, Wallet, among other properties.
Share this article:

Sign up to our newsletters

More in News

New backdoor 'Baccamun' spreads through ActiveX exploit

Symantec researchers revealed that the backdoor is dropped after attackers exploit a Windows ActiveX vulnerability.

Outdated browsers put U.K. users at risk of malware

A blog post on Check and Secure website said 70 percent of U.K. users haven't fully updated their internet browsers

Survey: 53 percent change privileged logins quarterly

A Lieberman Software survey highlights the issue or poor password management, even among security pros.