1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Google is giving its bug bounty scheme a major facelift

    From TechnologyDaily@1337:1/100 to All on Wed Jul 28 14:15:03 2021
    Google is giving its bug bounty scheme a major facelift

    Date:
    Wed, 28 Jul 2021 12:55:32 +0000

    Description:
    Google is ready to scale up the Vulnerability Rewards Program (VRP), but
    under a new name.

    FULL STORY ======================================================================

    Google has announced intentions to scale up its bug bounty scheme, which has until now been known as the Vulnerability Rewards Program (VRP).

    In its ten-year history, more than 11,000 bugs have been reported and
    remedied via VRP and $29.3 million in rewards have been shared between 2,000 researchers. However, Google has now decided it wants to expand upon and simplify its program under a new name: Bug Hunters.

    Since its inception, the VRP program has not only grown significantly in
    terms of report volume, but the team of security engineers behind it has also expanded - including almost 20 bug hunters who reported vulnerabilities to us and ended up joining the Google VRP team, said Jan Keller, who manages the program. We've built a list of the best malware removal software out there Check out our list of the best ransomware protection around Here's our list
    of the best endpoint protection services on the market

    This is why we are thrilled to bring you this new platform, continue to grow our community of bug hunters and support the skill development of up-and-coming vulnerability researchers. (Image credit: Google) Google Bug Hunters

    In a blog post , Google explains that the new scheme will bring the
    individual bounty programs for its various products (e.g. Google Search, Android, Chrome, Play) under one roof, providing a single funnel through
    which vulnerabilities can be reported.

    Bug Hunters will also introduce a measure of gamification in the form of country-specific leaderboards and award badges, which Google says will increase interaction and competition within the community.

    Meanwhile, to help researchers sharpen their bug-hunting abilities and
    improve their reports, the company has published a library of educational resources, housed under a section of the platform called Bug Hunter University. From here, researchers can view successful reports from the past, browse suggested bug targets and learn how to properly prepare and format a disclosure.

    Google also took the opportunity to encourage users to submit reports
    relating to bugs in free and open source software (FOSS), which can also be eligible for reward under the scheme. Here's our list of the best antivirus services around



    ======================================================================
    Link to news story: https://www.techradar.com/news/google-is-giving-its-bug-bounty-scheme-a-major- facelift/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)