Summary: In 2024, Google disbursed almost million in bug bounty rewards to 660 researchers as part of its ongoing Vulnerability Reward Program (VRP). The company enhanced reward structures, with highlights including increased maximum bounties and the introduction of new initiatives like kvmCTF for Kernel-based Virtual Machine security. Overall, Google has rewarded million in bug bounties since launching the VRP in 2010, underscoring its commitment to cybersecurity collaboration.
Affected: Google, Vulnerability Reward Program (VRP)
Keypoints :
- Google paid million in bug bounties to 660 researchers in 2024.
- Revamped VRP with maximum rewards increased to 1,515 and Mobile VRP offering up to 0,000.
- Launched kvmCTF for KVM hypervisor security with bounties of 0,000 for full VM escape exploits.
- Awarded .4 million to Chrome VRP researchers for 137 valid security bug reports.
- Overall, has provided million in bug bounties since the VRP’s inception in 2010.