Google proposes Rs 25 lakh award to spot bugs in its open source projects

Google has launched a new bug bounty programme where it will award up to $31,337 (nearly Rs 25 lakh) to researchers who spot vulnerabilities in the company’s Open Source projects.

Depending on the severity of the vulnerability and the project’s importance, rewards will range from $100 to $31,337.

The larger amounts will also go to unusual or particularly interesting vulnerabilities, “so creativity is encouraged,” said Google while launching its Open Source Software Vulnerability Rewards Programme (OSS VRP).

As the maintainer of major projects such as Golang, Angular, and Fuchsia, Google is among the largest contributors and users of open source in the world.

Last year, Google saw a 650 per cent year-over-year increase in attacks targeting the open source supply chain.

With the addition of Google’s own vulnerability reward programme (VRP), researchers can now be rewarded for finding bugs that could potentially impact the entire open source ecosystem.

The original VRP programme was one of the first in the world and is now approaching its 12th anniversary.

“Over time, our VRP lineup has expanded to include programmes focused on Chrome, Android, and other areas. Collectively, these programs have rewarded more than 13,000 submissions, totalling over $38 million paid,” Google said in a statement late on Tuesday.

Google said its OSS VRP is part of “our $10 billion commitment to improving cybersecurity, including securing the supply chain against these types of attacks for both Google’s users and open source consumers worldwide”.



(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

Dear Reader,

Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.

We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor

Originally appeared on: TheSpuzz