Google ups bug bounty rewards

By on
Google ups bug bounty rewards

Google has decided to increase the rewards of its bug bounty program significantly, according to a recent blog post by members of the tech giant's security team.

Any cross-site scripting (XSS) flaws found in are now worth $7,500 (previously $3,133.70), and now any Gmail and Google Wallet bugs will fetch up to $5,000, up from $1,337. For any information regarding significant authentication bypasses/information leaks, the top reward has increased from $5,000 to $7,500.

Remote code execution vulnerabilities and SQL injection flaws still offer the biggest reward in Google's bug bounty program.

According to the blog post by Adam Mein and Michal Zalewski, members of Google's security team, the company's vulnerability reward program has paid $828,000 to more than 250 individuals.

This article originally appeared at

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register


What does your business want for Christmas?
Skilled people who'll take Elves' wages
A stocking full of good leads
Please, Santa, drop some cash down the chimney!
All status indicators green like misteltoe, none red like Rudolph's nose
A peaceful, relaxing time for the team and our clients, and all their families
View poll archive

Log In

Username / Email:
  |  Forgot your password?