Exploits for found vulnerabilities bring bigger rewards

Sep 30, 2014 22:19 GMT
Reward increases if exploit and proper report are delivered with the vulnerability

Google has decided to triple the maximum amount of money regularly paid to researchers who provide a sandbox escape vulnerability accompanied by a high-quality report with a functional exploit, up to a total of $15,000 / €11,900.

The Bug Bounty Program was initiated by Google to give researchers outside its team a way to contribute responsibly to plugging security flaws.

This has worked brilliantly for Chrome, Google's browser, as more than 700 important bugs were removed, for which more than $1.25 million / €990,000 was paid.

As the list of vulnerabilities thinned down and the discovery of new ones entailed more effort, the company switched to new, higher payment levels. However, as always, Google is willing to pay more than the announced maximum of $15,000 / €11,900 if an “exotic” glitch is found and properly documented.

Apart from the increased bounties, researchers who provide a functional exploit for the glitch they discovered will receive a higher reward. “We’ll pay at the higher end of the range when researchers can provide an exploit to demonstrate a specific attack path against our users,” Tim Willis of the Chrome security team says in a blog post.

To encourage third-party individuals who have already reported Chrome glitches and have been paid, Google says that back-payments will be provided for all valid submissions from July 1 onward, according to the newly announced levels.