Search giant Google has increased the reward for its web vulnerability bug bounty program. Google has also updated the rules of the reward program.
“Since introducing our reward program for web properties in November 2010, we’ve received over 1,500 qualifying vulnerability reports that span across Google’s services, as well as software written by companies we have acquired. We’ve paid $828,000 to more than 250 individuals, some of whom have doubled their total by donating their rewards to charity,” Google announced.
As a result of the changes, now Google offers US$7,500 for critical cross site vulnerability from US$3,133.7. Any other XSS in other Google Properties will be rewarded with $3,133.0. It was $500 before the new changes. XSS in Gmail or Google Wallet will be rewarded with $5000 while it was only $1,337.
Now, security researchers will give more time in hunting security vulnerabilities. Google has made these changes to encourage researchers. Google has been progressively increasing bug bounty reward over the past few years.
Google is not the only company which has this kind of bug bounty program. Paypal, Facebook and some other tech companies also offer good amount to researchers who find security vulnerabilities in their online services. But PayPal and Google Pay more than other tech giants.
