Google doubles bug bounties

The rewards now offered to bug hunters are said to better align with community expectations

Google has announced that they have doubled the rewards for anyone who can who can demonstrate working exploits for a range of zero-day and one-day vulnerabilities across a variety of platforms.

The reward increases are applicable to exploits discovered in the Linux Kernel, Kubernetes, Google Kubernetes Engine (GKE), or kCTF (Kubernetes-based infrastructure for capture the flag exercises). The next review will come at the start of 2023.

Rewards for valid one-day security exploits, sometimes known as ‘n-days’, will increase from a maximum of $31,337 to $71,337. While one-day vulnerabilities are publicly known and do have patches, Google will offer rewards for novel exploits. Read more:

Leave a Reply

Your email address will not be published. Required fields are marked *