$10 million in bug bounty prizes were given out by Google in 2023. In recognition of their efforts to identify and appropriately disclose security vulnerabilities in the company’s goods and services, 632 researchers from 68 different countries received this incentive.
The internet behemoth awarded more than 600 white hat hackers from 68 different countries for finding vulnerabilities in its systems. Eleven thousand dollars was the largest single reward.
The amount that was distributed to the bug bounty community in 2022 was $12 million; this is a decrease.
Between 2010 and now, Google has awarded researchers with a total of $59 million in prizes for finding flaws in its systems.
Top rewards
In 2023, $113,337 was the greatest payout. For Android operating system vulnerabilities that were reported, Google additionally granted $3.4 million. Moreover, in an effort to encourage community submissions, Google raised the maximum payment for serious Android vulnerabilities to $15,000.
Twenty more significant findings in Wear OS and Android Automotive OS were given a bonus of $70,000, while fifty complaints about problems with Nest, Fitbit, and Wearables received an additional $116,000 in funding.
A prize of $2.1 million was also given out by the business for the discovery of 359 vulnerabilities in its Chrome browser.
Google declared earlier in 2023 that bounty payments for sandbox escape chain exploits targeting Chrome would be tripled until December. Additionally, the program enhanced rewards for flaws found in earlier iterations of the Java Script engine in Chrome, which resulted in notable discoveries and awards such as a $30,000 payment for an optimization bug that had been there for a long time.
Google paid out $10 million in total in 2023, which was less than the $12 million it spent to researchers in 2022.
Increasing the Impact of AI Bug Bounty Programs
The company released information about a live-hacking event called bugSWAT that happened last year with the goal of finding flaws in its large language model (LLM) products, namely Gemini.
As a consequence, 35 reports generated compensation totaling over $87,000.
As part of its commitment to improving the safety of AI systems, Google released their reward guidelines for reporting defects in AI products in October 2023.
Get to know about the new Google Chrome version here which is more secure – Google Chrome for businesses