Google jumped on the bug bounty bandwagon in January. So impressed it is with the results of that bug bounty program, which offers a monetary reward to anyone who identifies bugs in its Chrome browser, that it has decided to implement a similar scheme for its web properties, including the search engine, Youtube, Blogger and Orkut. However, Google client applications (e.g. Android, Picasa, Google Desktop, etc) are not covered.
“Today, we are announcing an experimental new vulnerability reward program that applies to Google web properties. We already enjoy working with an array of researchers to improve Google security, and some individuals who have provided high caliber reports are listed on our credits page,” the company announced in a blog post.
Rewards range from a minimum of $500 per bug to $3,133.7 per bug, with the actual reward varying based on the severity of the threat. The internet giant has posted a lot of information regarding the bug bounty program in the form of frequently asked questions (FAQs) on its blog dedicated to online security.