Google has announced that it paid out $10 million as part of its bug bounty program in 2023, the second largest year in its history and bringing its total bounties since 2010 to $59 million.
Last year, the company's $10 million went to a total of 632 researchers in 68 countries, with the highest payout being $113,337, which changed lives as Google remembered its commitment to cybersecurity.
The annual initiative, part of Google's Vulnerability Reward Program (VRP), aims to identify and address vulnerabilities in the company's products and services by collaborating with the global community of bug hunters, making the measure a win-win for both parties. equipment.
Google Just Had Its Second Biggest Year in Bug Bounties
The 2023 program underwent several improvements and changes, including the introduction of the Bonus Awards program, which offers additional limited-time rewards for reporting on specific VRP goals. The program was also expanded to Chrome and Cloud, and mobile users also benefited from the launch of Mobile VRP, an initiative that focuses on first-party Android apps.
About a third ($3.4 million) of the company's 2023 payout went toward discovering bugs affecting Android apps and other flaws on Google devices, while a total of 359 unique reports addressed bugs. Chrome.
Another category expected to see significant growth in the coming years will be AI, and the California company will publish specific guidelines for AI-related errors and host a specific LLM event.
A statement in the announcement reads: “Our current mission is to stay ahead of emerging threats, adapt to evolving technologies, and continue to strengthen the security posture of Google products and services.”
Google also thanked the developer and bug hunter communities for their continued work, highlighting some key discoveries of 2023.