If you’re a bug hunter for companies such as Google and Facebook, the last few weeks have been good to you. Google announced today that it has officially given out over $2 million to people who poke holes in its systems on purpose.

Google’s vulnerability rewards programs invite people of all types to hack its systems and products looking for security issues. When an issue is found, the company awards that person with a sum of money depending on just how substantial that vulnerability is.

Specifically, Google’s bug finding programs are separated into its Web department and “Chromium,” dealing with its Chrome browser. It seems folks have been able to find issues in both pretty equally, as the $2 million total is split down the middle between the two programs.

But the money made from finding bugs often doesn’t outdo the money someone could get by selling it on the black market. Perhaps this factored into Google’s decision to up the amount of money it gives out for each Chromium bug. Vulnerabilities that once fetched $1,000 will now be worth $5,000. Google suspects the amount paid out for bugs will increase by five times across the board.

Those bug-hunting on the Web side will see increases, but at different rates.

Facebook recently announced that it too has hit a milestone with $1 million paid out in its Bug Bounty program. The company has given out a bounty as high as $20,000 for high-priority security issues.

VentureBeat

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform
  • networking features, and more
Become a member