12 February 2018 - Google Paid Out Nearly 3 Million USD to Security Researchers in 2017

cyberTech giant Google paid out almost 3 million USD to security researchers in 2017 as rewards for the vulnerabilities they found in its products and services.
 
As “ICTnews” electronic news portal informs, around 1.1 million USD each was paid for bug reports specific to Google and Android products while Chrome awards accounted for the rest of the Vulnerability Reward Program.
 
"We awarded researchers more than 1 million USD for vulnerabilities they found and reported in Google products, and a similar amount for Android as well. Combined with Chrome awards, we awarded nearly 3 million USD to researchers for their reports," Jan Keller, a member of Google's Vulnerability Reward Program (VRP) wrote in a blog post.
 
"We also awarded 125,000 USD to over 50 security researchers from all around the world through our Vulnerability Research Grants Program and 50,000 USD to the hard-working folks who improve the security of open-source software as part of our Patch Rewards Program," Keller added.
 
The largest single payment of 112,500 USD went to independent researcher Guang Gong for outlining an exploit chain on Pixel phones as part of the Android Security Rewards Program.
 
The Pixel was the only device that was not exploited during last year's annual "Mobile Pwn2Own" competition and Guang's report helped strengthen its protections further.
 
"Pwn2Own" is a hacking contest held annually at the CanSecWest security conference where contestants are challenged to exploit widely-used software and mobile devices with previously unknown vulnerabilities.