Researchers who discovered security issues and bugs were paid $10 million by Google in 2023.
Like all major tech companies, Google also offers a bug bounty program where it pays its security researchers to find vulnerabilities in its products and services. On Tuesday, the tech giant revealed on its blog that it paid a whopping $10 million to more than 600 researchers in 68 countries last year.
Google stated: “Last year, we again saw the power of community-driven security efforts, as researchers around the world helped us identify and fix thousands of vulnerabilities in our products and services. In partnership with our dedicated community of bug hunters, we awarded $10 million to more than 600 of our researchers in 68 countries.”
The blog revealed that to help their engagement with top security researchers, Google will also host their “annual ESCAL8 security conference in Tokyo”. While sharing its “2023 Year in Review statistics” across all programs, Google also expressed its thanks to all the dedicated researchers. It stated: “We would especially like to thank all the dedicated researchers for their continued work on our programs – we look forward to more collaborations in the future!”
Continuing further, the blog post claimed that the $10 million reward was distributed among 632 researchers in 68 countries. Without revealing the exact recipient or the bug it found, Google noted that while the collective sum was generously distributed, the highest individual award was $113,337.
Google also revealed that the researcher who found major flaws in Android collected more than $3.4 million, while the person who discovered the critical vulnerabilities was rewarded with $15,000. The blog added: “We awarded more than $3.4 million in rewards to researchers who found critical vulnerabilities in Android, and raised our maximum reward amount for critical vulnerabilities to $15,000.”
Google continued: “Working closely with top researchers at the ESCAL8 conference, we also hosted a live hacking event for Wear OS and Android Automotive OS that resulted in a $70,000 reward for researchers for finding more than 20 critical vulnerabilities.
During its I/O conference, Google reached out to top hardware security researchers who discovered more than “50 vulnerabilities in Nest, Fitbit, and Wearables and received a total of $116,000 last year!” It’s also worth noting that the researchers reported a total of 359 unique Chrome browser security flaws that “resulted in $2.1 million in rewards.”