Google has announced a new bug bounty program for Android aimed at identifying security vulnerabilities. The program specifically targets first-party Android applications developed by Google and aims to improve security by rewarding users who discover security flaws and bugs, with rewards ranging up to $30,000.
How does Google bug bounty program work?
Google intends to seek assistance from third-party developers to fix bugs not only in the Android but also in Google apps. The bug bounty program primarily focuses on Google Play Services, Google Chrome, Google Cloud, Gmail, and Chrome Remote Desktop programs.
The program also includes applications developed by companies associated with Google, including brands like Developed with Google, Research at Google, Red Hot Labs, Fitbit, and Waymo. Through this new bug bounty program, Google aims to create a broad network to enhance security in software.
Google’s new program offers rewards starting at a minimum of $500. This reward tier specifically covers situations where both the attacker and victim are on the same network. Google encourages developers to participate in this program to address issues related to data theft and other security problems.
The most significant rewards of the program are allocated for remote code execution vulnerabilities. Rewards ranging from $30,000 to $20,000 will be provided for vulnerabilities in the top three tiers. Additionally, rewards of up to $1,000 will be given to those who find feature-related bugs.
With its new reward system, Google demonstrates a strong emphasis on addressing remote code execution and data theft. For detailed information, you can visit the this link.
Please feel free to share your thoughts in the comments section!