Google is now emphasizing on increasing Bug bounties in order to find critical vulnerabilities in its various products. Google Vulnerability Rewards Program (VRP) was launched in 2010 and vide range of rewards were offered from USD 100 to USD 20,000 to those who found low severity and critical severity issues respectively. Nowadays high severity vulnerabilities are becoming harder to identify, therefore Google has decided to make some changes in the VRP (Vulnerability Reward Program).
Google team has stated in security blog
“Starting today we will be increasing the reward for “Remote Code Execution” on the Google VRP from $20,000 USD to $31,337 USD. We are increasing the reward for “Unrestricted file system or database access” from $10,000 USD to $13,337 USD as well. Please check out the VRP site for more details and specifics.”
Besides this, Google have donated $8000 to rescue.org this year.
As per reports, Russia has consistently occupied a significant position in top 10 researchers and there are 3X increment in the reports provided by Asia in 2016. Apart from this, Germany (27%) and France (44%) researchers did a good job by reporting valid bugs in the last year.
Now the vulnerability researchers who are devoting more time in finding critical severity bugs will get huge amount than ever before.