As Chrome becomes more secure and vulnerabilities become harder to find, Google has decided to make some adjustments to its web browser’s bug bounty program – notably by increasing the published maximum reward to $15,000 from $5,000, according to a Tuesday post.
Now, a high-quality report with a functional exploit for a sandbox escape will earn a bug hunter $15,000, while a high-quality report without the functional exploit will earn a researcher $10,000, the post indicates. A breakdown of reward amounts can be found here.
Additional changes include researchers having the option to send over exploits after initially reporting the vulnerability, as well as Chrome reward recipients being listed in the Google Hall of Fame, according to the post.
As a treat, valid submissions from July 1 onward will be paid retroactively at the new rates, the post adds.