Google Spent a Record Sum Rewarding Researchers for Hacking its Products (Engadget)


Google is not messing around when it comes to its bug bounty program. Last year it paid out $6.5 million to researchers that reported vulnerabilities — almost double the $3.4 million paid out in 2018. The largest single award was for $201,337, which was given to Guang Gong of Alpha Labs, who discovered a major exploit on the Pixel 3. Google’s Vulnerability Reward Programs (VRP) have been around since 2010, designed to reward researchers for discovering bugs and flaws that Google might have missed.