Google doubles bug bounties

Google has announced that they have doubled the rewards for anyone who can who can demonstrate working exploits for a range of zero-day and one-day vulnerabilities across a variety of platforms.

The reward increases are applicable to exploits discovered in the Linux Kernel, Kubernetes, Google Kubernetes Engine (GKE), or kCTF (Kubernetes-based infrastructure for capture the flag exercises). The next review will come at the start of 2023.

Rewards for valid one-day security exploits, sometimes known as ‘n-days’, will increase from a maximum of $31,337 to $71,337. While one-day vulnerabilities are publicly known and do have patches, Google will offer rewards for novel exploits.

To receive a reward for valid one-day exploits, Google requires bug hunters to provide a link to the existing patch in their report. Google will be limiting the number of rewards for one-day vulnerabilities to only one version or build.


The post Google doubles bug bounties appeared first on IT Security Guru.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt