Fresh on the heels of Mozilla’s decision to raise the bounty payment under its Security Bug Bounty Program, Google has announced a similar hike. The maximum reward under the six-month-old Chromium Security Program has been raised to $3,133.7, which is almost $2000 more than the previous payment cap. However, the base payment “for less serious bugs” is same as before — $500 per bug.
“The maximum reward for a single bug has been increased to $3,133.7. We will most likely use this amount for SecSeverity-Critical bugs in Chromium. The increased reward reflects the fact that the sandbox makes it harder to find bugs of this severity," Chris Evans, a Google security researcher, wrote in a blog post.