Vulnerability Management

Google bumps maximum Chrome bug bounty reward to $15K


As Chrome becomes more secure and vulnerabilities become harder to find, Google has decided to make some adjustments to its web browser's bug bounty program – notably by increasing the published maximum reward to $15,000 from $5,000, according to a Tuesday post.

Now, a high-quality report with a functional exploit for a sandbox escape will earn a bug hunter $15,000, while a high-quality report without the functional exploit will earn a researcher $10,000, the post indicates. A breakdown of reward amounts can be found here.

Additional changes include researchers having the option to send over exploits after initially reporting the vulnerability, as well as Chrome reward recipients being listed in the Google Hall of Fame, according to the post.

As a treat, valid submissions from July 1 onward will be paid retroactively at the new rates, the post adds.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.