Google to continue its Vulnerability Research Grants program

Dec 21, 2015 16:07 GMT  ·  By

Google has announced the intention to put up another $1 million / €0.92 million for its Vulnerability Research Grants program.

The Vulnerability Research Grant is part of Google's Application Security Reward Programs. Unlike the actual Vulnerability Research Rewards (bug bounty) program that gives out sums of money for reported vulnerabilities, the Grants program works a little bit different.

As described by Google, the Vulnerability Research Grants program has "the goal of rewarding security researchers that look into the security of Google products and services even in the case when no vulnerabilities are found." Additionally, company representatives also said about the program: "we also have benefit in knowing about products were finding bugs was hard."

Only established and well-known security researchers are eligible for this program, as a way to fund their work and assure themselves a daily income while they take Google's products apart for security issues.

Depending on the service each researcher wants to dedicate himself, grants can be awarded for sums between $500 USD and $3,133.7.

The Google Vulnerability Research Grants program will continue in 2016

Google's other program, the regular Vulnerability Research Rewards program will also go on as usual, with rewards paid from $100 to $20,000, all depending on the vulnerability's severity and the number of services it affects.

Google launched the Vulnerability Research Grants this year, in January, and while not as well-known as its bug bounty program, researchers used its funds to cover and finance their work, but since no "spectacular" results made it in the media, few people knew it existed.

The announcement was made last Thursday on December 17 on the Google Drive official blog.