web analytics

Google Pays $10M in Bug Bounties in 2023 – Source: www.schneier.com

Rate this post

Source: www.schneier.com – Author: Bruce Schneier

BleepingComputer has the details. It’s $2M less than in 2022, but it’s still a lot.

The highest reward for a vulnerability report in 2023 was $113,337, while the total tally since the program’s launch in 2010 has reached $59 million.

For Android, the world’s most popular and widely used mobile operating system, the program awarded over $3.4 million.

Google also increased the maximum reward amount for critical vulnerabilities concerning Android to $15,000, driving increased community reports.

During security conferences like ESCAL8 and hardwea.io, Google awarded $70,000 for 20 critical discoveries in Wear OS and Android Automotive OS and another $116,000 for 50 reports concerning issues in Nest, Fitbit, and Wearables.

Google’s other big software project, the Chrome browser, was the subject of 359 security bug reports that paid out a total of $2.1 million.

Slashdot thread.

Tags: , ,

Posted on March 22, 2024 at 7:01 AM
9 Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.

Original Post URL: https://www.schneier.com/blog/archives/2024/03/google-pays-10m-in-bug-bounties-in-2023.html

Category & Tags: Uncategorized,economics of security,Google,vulnerabilities – Uncategorized,economics of security,Google,vulnerabilities

Views: 0

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post