Incident Response, TDR, Vulnerability Management

Google offers rewards for bugs discovered in Android


After announcing last month that it would give rewards for vulnerabilities discovered in open source software (OSS), Google is expanding its bug bounty program to include Android, the open source mobile operating system.

On Monday, the internet technology corporation announced it would additionally compensate researchers who find bugs in web servers including Apache httpd, lighttpd and nginx, and mail delivery services including Sendmail, Postfix, Exim and Dovecot. OpenVPN, University of Delaware NTPD, Mozilla NSS and libxml2 were also on the list, as well as toolchain security improvements for GCC, binutils, and llvm.

When Google introduced the OSS bug bounty program in October, the company said it would be offering rewards ranging from $500 to $3,133.70.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.