[ad_1]
Just a little over 10 years in the past, we launched our Vulnerability Rewards Program (VRP). Our purpose was to ascertain a channel for safety researchers to report bugs to Google and provide an environment friendly approach for us to thank them for serving to make Google, our customers, and the Web a safer place. To recap our progress on these targets, here’s a snapshot of what VRP has completed with the neighborhood over the previous 10 years:
- Complete bugs rewarded: 11,055
- Variety of rewarded researchers: 2,022
- Representing 84 completely different international locations
- Complete rewards: $29,357,516
To have a good time our anniversary and make sure the subsequent 10 years are simply as (or much more) profitable and collaborative, we’re excited to announce the launch of our new platform, bughunters.google.com.
This new web site brings all of our VRPs (Google, Android, Abuse, Chrome and Play) nearer collectively and offers a single consumption type that makes it simpler for bug hunters to submit points. Different enhancements you’ll discover embrace:
- Extra alternatives for interplay and a little bit of wholesome competitors by gamification, per-country leaderboards, awards/badges for sure bugs and extra!
- A extra useful and aesthetically pleasing leaderboard. We all know plenty of you might be utilizing your achievements within the VRP to seek out jobs (we’re hiring!) and we hope this acts as a helpful useful resource.
- A stronger emphasis on studying: Bug hunters can enhance their expertise by the content material out there in our new Bug Hunter College
- Streamlined publication course of: we all know the worth that data sharing brings to our neighborhood. That’s why we need to make it simpler so that you can publish your bug experiences.
- Swag will now be supported for particular events (we heard you loud and clear!)
We additionally need to take a second to shine a light-weight on some features of the VRP that aren’t but well-known, reminiscent of:
After we launched our very first VRP, we had no concept what number of legitimate vulnerabilities – if any – can be submitted on the primary day. Everybody on the workforce put of their estimate, with predictions starting from zero to twenty. Ultimately, we truly obtained greater than 25 experiences, taking all of us abruptly.
Since its inception, the VRP program has not solely grown considerably when it comes to report quantity, however the workforce of safety engineers behind it has additionally expanded – together with nearly 20 bug hunters who reported vulnerabilities to us and ended up becoming a member of the Google VRP workforce.
That’s the reason we’re thrilled to carry you this new platform, proceed to develop our neighborhood of bug hunters and assist the ability growth of up-and-coming vulnerability researchers.
Thanks once more to the complete Google bug hunter neighborhood for making our vulnerability rewards program profitable. As you proceed to mess around with the brand new web site and reporting system, inform us about it – we might like to hear your suggestions. Till subsequent time, carry on discovering these bugs!
[ad_2]
