Malware, Network Security, Threat Management, Vulnerability Management

Google to offer up to 20K prize for bug finds

Google has significantly increased its finder's fee for vulnerability researchers. The web giant announced Monday that it is now offering $20,000 for bugs that could permit code execution on its production systems; $10,000 for flaws that can lead to issues like SQL injection, information disclosure and authorization bypass; and up to $3,133.70 for identifying cross-site scripting and cross-site request forgery weaknesses in applications. For less critical vulnerabilities, researchers will be paid based on the level of risk to users. Google's bug bounty program formally was launched roughly two years ago and rewards individuals who find security defects in Chrome, Google, YouTube, Wallet, among other properties.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.