Google is giving its bug bounty scheme a major facelift

Google invites new white hat hackers to join the fun

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Googlehas announced intentions to scale up its bug bounty scheme, which has until now been known as the Vulnerability Rewards Program (VRP).

In its ten-year history, more than 11,000 bugs have been reported and remedied via VRP and $29.3 million in rewards have been shared between 2,000 researchers. However, Google has now decided it wants to expand upon and simplify its program under a new name: Bug Hunters.

“Since its inception, the VRP program has not only grown significantly in terms of report volume, but the team of security engineers behind it has also expanded - including almost 20 bug hunters who reported vulnerabilities to us and ended up joining the Google VRP team,” said Jan Keller, who manages the program.

“This is why we are thrilled to bring you this new platform, continue to grow our community of bug hunters and support the skill development of up-and-coming vulnerability researchers.”

Google Bug Hunters

In ablog post, Google explains that the new scheme will bring the individual bounty programs for its various products (e.g. Google Search, Android, Chrome, Play) under one roof, providing a single funnel through which vulnerabilities can be reported.

Bug Hunters will also introduce a measure of gamification in the form of country-specific leaderboards and award badges, which Google says will increase interaction and competition within the community.

Meanwhile, to help researchers sharpen their bug-hunting abilities and improve their reports, the company has published a library of educational resources, housed under a section of the platform called Bug Hunter University. From here, researchers can view successful reports from the past, browse suggested bug targets and learn how to properly prepare and format a disclosure.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Google also took the opportunity to encourage users to submit reports relating to bugs in free and open source software (FOSS), which can also be eligible for reward under the scheme.

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He’s responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Google TV will require more RAM for future upgrades – which might leave older TVs and streaming boxes behind