eWeek:
Google is raising the rewards it pays to security researchers who find bugs in its Chrome Web browser, following a decline in the number of security issues found by flaw finders.
On Aug. 14, Google boosted the bounties it pays as part of its Chromium Vulnerability Rewards Program, an initiative for recognizing researchers who submit bugs to the company. Google increased the minimum bounty from $500 to $1,500, and added other bonuses that could raise rewards by $3,000 in total. The next day, the company announced that it would repeat the Pwnium contest, a $2 million competition for finding severe and exploitable bugs, and will pay up to $60,000 for the most severe issues.
Google is raising the payouts to researchers in an attempt to get them to dig deeper into the code and find flaws, said Chris Evans, engineering manager for Google's Chrome Security Team. The participants in its current program have apparently tapped out the easiest classes of vulnerabilities, leaving the more difficult-to-discover issues, he said. [Read more]
posted by: gqjournal
Comments
You can follow this conversation by subscribing to the comment feed for this post.