Google increases rewards for Chromium bug reports
Posted on 13 August 2013.
It has recently been proved that setting up bug bounties is a cheaper option than hiring full-time bug hunters, and Google's two bug bounty programs - Google Web and Chromium - have proved to be a great choice for the company,

According to the researchers, one of the factors in the success of the Chromium bug bounty initiative is that the majority of the rewards are for only $500 or $1,000 and larger rewards are infrequent.

"Much like the lottery, a large maximum payout ($30,000 for Chrome), despite a small expected return (or even negative, as is the case of anyone who searches for bugs but never successfully finds any) appears to suffice in attracting enough participants," they pointed out.

But Google is obviously wise to the fact that the monetary incentives for the researchers need to be occasionally increased, and have done so repeatedly in the last few years.

The latest upswing has been announced on Monday, when Google's Chris Evans and Adam Mein divulged that bugs previously rewarded at the $1,000 level will now be considered for reward at up to $5,000.

"We’ll issue higher rewards for bugs we believe present a more significant threat to user safety, and when the researcher provides an accurate analysis of exploitability and severity," they wrote. "We will continue to pay previously announced bonuses on top, such as those for providing a patch or finding an issue in a critical piece of open source software."

They also shared that in the three years since they've launched both bounty programs, they have rewarded and fixed more than 2,000 security bug reports, which resulted in over $2 million being handed over to the deserving researchers.









Spotlight

eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Dec 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //