LightBlog

mardi 7 mars 2017

Google Announces Better Payouts in Vulnerability Rewards Program at Nullcon India

Google is joining the security research community at Nullcon India this week in Goa. To mark the occasion, Google is announcing better payouts at the higher levels in the Google Vulnerability Rewards Program.

The increase in rewards focuses on the upper-ends of severity, where finding such vulnerability takes significantly more time, effort and commitment.

The reward payout for “Remote Code Execution” on the Google VRP has been bumped up from $20,000 to $31,337. Additionally, the reward for “Unrestricted file system or database access” findings has also been increased from $10,000 to $13,337. Rewards for other categories remain the same, although Google will now also be donating rewards attributed to reports generated from their internal web security scanner to rescue.org.

Google also highlighted the emerging community of security research in India. India was surpassed by China and USA in terms of total individual researchers paid, but comes out on top of other countries like Canada, France and Britain. The rewards given out in 2016 in India were 30% higher and worked towards doubling the average payout per researcher as well as per reward. Asia as a whole also sees an increase of three times in the number of reports, now making up 70% of the Android Security Rewards for 2016.

What are your thoughts on the increase in reward payouts, and the role of Asia in the security research community? Let us know in the comments below!

Source: Google Security Blog



from xda-developers http://ift.tt/2miAVTa
via IFTTT

Aucun commentaire:

Enregistrer un commentaire