• About & Contact Us
  • SEO Community

Ulancer.com

    • Latest Stories

      What is new?

    • Meet the startups that pitched at EF’s 10th Demo Day in London

      September 27, 2018

    • Rally Rd., the app that lets you invest in classic cars, raises $7M Series A

      September 27, 2018

  • News
  • How to’s
  • Writing
  • Startups
  • Jobs
  • More
    • CMS Tools
    • APPS
    • Web Resources
      • Advertising
      • Firefox
      • Scripts
      • Tools

Google’s bug bounty programs paid out almost $3M in 2017

  • by Ulancer Contributor
  • In News
  • — 8 Feb, 2018


Bug bounty programs are designed to sic security researchers on software and pay them to find vulnerabilities and report back to the sponsor. In return, the researchers are richly rewarded for their findings. In fact, Google’s bug bounty paid out a hefty $2.9 million in bug bounties in 2017.

Rewards can range from $500 to $100,000 or more depending on the type of bug and the amount of time spent. There are a number of programs, including the Vulnerability Research Grants Program and Patch Rewards Program. The former paid out a total of $125,000 to 50 researchers around the world in 2017, while the latter paid a total of $50,000 to improve security in open-source software.

The largest award of the year was $112,500, a nice chunk of change, for tracking down a Pixel phone exploit as part of the Android Security Rewards Program. This is serious money, and bug bounty hunters serve a key role in the software security ecosystem, helping to ferret out some of the worst vulnerabilities before hackers can exploit them.

For that reason, the company continues to expand its bug bounty programs, and when needed jacks up the reward to try to get more people involved. For instance, Google raised from $30,000 to $150,000 the top reward for finding a remote kernel exploit last year. That should motivate more researchers out there to keep looking.

The bug bounty program has programs across the various Google products, Chrome and Android, and they even introduced a program in October to track security issues in some of the most popular apps in the Google Play store.

Google is far from alone in holding bug bounty programs, with some of the biggest companies in the world holding their own, including GM, Airbnb, Mastercard and even the Pentagon. Some startups have developed platforms to build and administer bug bounty programs. These include Bugcrowd and HackerOne, a company that launched in 2012 and has raised almost $75 million, including $40 million last year. These companies help customers build platforms to offer rewards for finding bugs in a manner similar to Google.

Finding bugs is not only rewarding for the researchers in a monetary way, although that’s probably a big part of the motivation — it also raises the profile of bug bounty hunters in the research community when they find a big bug.

Every software platform has problems. Programs like the one Google offers is a proactive way to track vulnerabilities before they become a public issue. The Google program has paid $12 million since it began in 2010.

Featured Image: scyther5/Getty Images


News source

You might also like...

  • Senate Democrats press FEC to expand disclosure requirements to online political advertising 14 Nov, 2017
  • Nexar gets $30M Series B for its AI-based road safety dashcams and network 24 Jan, 2018
  • EBay Q4 falls short on sales of $2.6B, EPS in line at $0.59, full year revenues of $9.6B 31 Jan, 2018
  • Robin goes all in on robotic lawn care and focuses on franchising 11 Nov, 2017
  • Previous story Tronc starts its new digital strategy with a majority stake in product review site BestReviews
  • Next story Naspers and Meituan invest $100 million in Indian delivery business, Swiggy
  • RSS
    Receive Freebies & Latest Posts Directly To Your Email - it's Free!

    • Recent Posts
    • Most Popular
    • Comments
    • 7hrCggmJ-AMMeet the startups that pitched at EF’s 10th Demo Day in LondonSeptember 27, 2018
    • oNo38LV2tQIRally Rd., the app that lets you invest in classic cars, raises $7M Series ASeptember 27, 2018
    • Nearby.gifBerkanan is a Bluetooth-powered group messaging appSeptember 27, 2018
    • 2122.pngVinay Gupta to talk about Mattereum at Disrupt BerlinSeptember 27, 2018
    • slider_wp_03Best collection of WordPress Slider PluginsJuly 5, 2010
    • Joomla template builderTop 8 Free Joomla Template GeneratorsJuly 19, 2011
    • 40+ Best WordPress Plugins for Comments40+ Best WordPress Plugins for CommentsJune 18, 2011
    • wptheme2A Collection of Free WordPress ThemesJuly 11, 2010
    • Jason Hall on:Circle launches its stablecoin
    • Jason Hall on:Circle launches its stablecoin
    • Bharat Sarkari Naukri on:Spotify acquires online music studio Soundtrap as it goes after creators
    • PMP on:Online learning platform Unacademy gets $21M Series C from Sequoia India, SAIF and Nexus
  • Staff Picks

    • slider_wp_03Best collection of WordPress Slider PluginsJuly 5, 2010
    • Joomla template builderTop 8 Free Joomla Template GeneratorsJuly 19, 2011
    • 40+ Best WordPress Plugins for Comments40+ Best WordPress Plugins for CommentsJune 18, 2011
  • Recent Posts

    • Meet the startups that pitched at EF’s 10th Demo Day in London
    • Rally Rd., the app that lets you invest in classic cars, raises $7M Series A
  • Search Our Blog

  • Ulancer is an insightful freelance blog and resource site. We provide intuitive articles that cover Photoshop tutorials, time-saving management tips covering a broad range of topics. We also have an active freelance community forum, there you can meet other freelancers that share your common interest, socialize and chat about freelance trending news as the occurred.

© Copyright 2013 Ulancer.