Google ups the ante in vulnerability management rewards program

For a few years now the Google Chromium team has been taking an interesting approach towards vulnerability management, and now it is upping the stakes.

The Chromium Vulnerability Rewards Program offers users a financial incentive for identifying security bugs in the Chromium web browser, an open source project which provides much of the source code for the more popular Google Chrome.

The idea is an interesting twist on the concept of ethical hacking and is an example of how seriously Google takes the security of the services it provides.

However, according to a post on the official Chromium blog dated August 14, the number of bugs submitted by the online community has decreased in recent months.

"Recently, we’ve seen a significant drop-off in externally reported Chromium security issues," reads the blog post.

"This signals to us that bugs are becoming harder to find, as the efforts of the wider community have made Chromium significantly stronger."

For that reason Google has announced that it will be increasing the amount awarded in this program, which has already seen more than US$1 million given away.

Individual prizes of up to $10,000 have been awarded in the past for significant bug finds, with Google noting that "the rewards panel has always reserved the right to reward at our discretion".

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s