Maybe this is your chance: How much does Google pay for vulnerabilities found in its services?

How much can you earn?

According to the information published by Google itself, 632 researchers will be employed in 2023. total 10 million dollars To find and responsibly report security flaws in products and services. These experts live in 68 countries.

While this is less than the $12 million that Google is paying researchers under its 2022 Vulnerability Bounty Program, it is a significant amount that demonstrates the high level of public involvement in Google’s security efforts.

Total amount paid to researchers each year / Google Photo

Highest reward for reporting a vulnerability in 2023 $113,337and the total amount since the program was launched in 2010 $59 million.

Best Award / Google Photos

• The program awarded more than $3.4 million to Android, the world’s most popular and widely used mobile operating system.
• The company also increased the maximum bounty for finding critical vulnerabilities in Android to 15,000, leading to an increase in the number of reports from the community.
• At security conferences like ESCAL8 and hardwea.io, Google paid $70,000 for 20 critical vulnerabilities in Wear OS and Android Automotive OS and $116,000 for 50 bug reports in Nest, Fitbit and Wearables.
• Another major Google software project, the Chrome browser, was the subject of 359 security bug reports and was paid $2.1 million for it.
• On June 1, 2023, the company announced that it would triple the reward given to developers who exploit sandbox exploits targeting Chrome through December 1, 2023.
• The program also increased the bounty for bugs in older (pre-M105) versions of V8, Chrome’s JavaScript engine, leading to significant discoveries and bounties, such as a $30,000 bounty for a long-standing optimization bug.

One of the newest trends is the creation of artificial intelligence-based products such as Bard/Gemini. 35 researchers have already received $87,000 for the vulnerabilities found in them.