infotechlead

Google announces Open Source software vulnerability rewards program

Google has launched an Open Source software vulnerability rewards program and will award up to $31,337 to researchers who spot vulnerabilities in the company’s Open Source projects.
Google said rewards will range from $100 to $31,337 depending on the severity of the vulnerability and the project’s importance. The larger amounts will also go to unusual or particularly interesting vulnerabilities, said Google.

As the maintainer of major projects such as Golang, Angular, and Fuchsia, Google is among the largest contributors and users of open source in the world.

Last year, Google saw a 650 percent increase in attacks targeting the open source supply chain.

Over time, the VRP lineup has expanded to include programs focused on Chrome, Android, and other areas. Collectively, these programs have rewarded more than 13,000 submissions, totalling over $38 million paid, Google said in a statement.

Google said its OSS VRP is part of its $10 billion commitment to improving cybersecurity, including securing the supply chain against these types of attacks for both Google’s users and open source consumers worldwide.
