New Delhi, Aug 31 : Google has launched an updated bug bounty program which will offer as much as $31,337 (nearly 25 lakh rupees) to researchers who discover weaknesses in Google’s Open Source projects.Based on the degree of the vulnerability, as well as the significance of the project the rewards can vary between $100 and $31,337.
The greater amounts will be given to unusual or fascinating vulnerabilities “so that creativity can be encouraged” Google said.Google while the launch of the Open Source Software Vulnerability Rewards Programme (OSS VRP).
Being the maintainer of major projects like Golang, Angular, and Fuchsia, Google is among the biggest users and contributors of open source in the world.
In the past year, Google saw a 650 percent increase in attacks on the open supply chain.
With the introduction of Google’s vulnerability reward program (VRP) researchers are now recognized for finding bugs that could affect the whole open source community.
The initial VRP program was one of the first in the world, and is about to celebrate its 12th anniversary.
“Over time we have seen our VRP lineup has grown to include programs that focus on Chrome, Android, and other areas.Together the programs have awarded over 13,000 submissions, which total more than $38 million in rewards,” Google said in an announcement on Tuesday night.
Google stated that it’s OSS VRP is a component of “our $10 billion investment in improving security, including protecting the supply chain from the kinds of attacks for both Google’s users as well as open source consumers around the world”.
na/
