Latest in Tomorrow

Image credit: dusanpetkovic via Getty Images

Google spent a record sum rewarding researchers for hacking its products

It's paid out more than $21 million since 2010.
156 Shares
Share
Tweet
Share

Sponsored Links

dusanpetkovic via Getty Images

Google is not messing around when it comes to its bug bounty program. Last year it paid out $6.5 million to researchers that reported vulnerabilities -- almost double the $3.4 million paid out in 2018. The largest single award was for $201,337, which was given to Guang Gong of Alpha Labs, who discovered a major exploit on the Pixel 3.

Google's Vulnerability Reward Programs (VRP) have been around since 2010, designed to reward researchers for discovering bugs and flaws that Google might have missed. The initiative has expanded steadily since then to cover its other products, including Chrome and Android, and last year the company extended its Google Play security reward arm to include not just the top eight apps, but any app that's had more than 100 million installs. This netted researchers $650,000 in rewards in the second half of 2019 alone. In total, Google has paid out more than $21 million since its VRPs were launched.

It's a lot of money, but it makes good financial sense -- despite its best efforts Google can't be on top of every single potential vulnerability, and rewarding benevolent bug bounty hunters is likely a lot more cost effective than dealing with the fallout of a nefarious hack. Plus, of course, the program helps to incentivize bright young minds into the sector.

It's hardly surprising, then, that other companies have followed suit. Tesla hands out big cash prizes -- and even cars -- to anyone that's able to crack its vehicle security system, while Apple's bug bounty program offers single payouts of up to $1 million. As hackers become increasingly sophisticated and technology continues to permeate every area of our lives, it won't be a surprise to anyone to see the value of bug bounties skyrocketing, and even more companies launching their own initiatives.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
156 Shares
Share
Tweet
Share

Popular on Engadget

BMW's teases its iNext prototype EV during a hot-weather test

BMW's teases its iNext prototype EV during a hot-weather test

View
Senate approves $1 billion budget to help rural carriers replace Huawei gear

Senate approves $1 billion budget to help rural carriers replace Huawei gear

View
Citroën's new EV is a tiny two-seater that only costs $22 a month

Citroën's new EV is a tiny two-seater that only costs $22 a month

View
Clearview AI leak names businesses using its facial recognition database

Clearview AI leak names businesses using its facial recognition database

View
Apple's keyboard cover for the next iPad Pro could add a trackpad

Apple's keyboard cover for the next iPad Pro could add a trackpad

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr