Google starts bug bounty program, will get 25 lakh rupees for finding flaws in open source projects

Google's big action, remove 2000 instant loan apps from Play Store, know the whole matter


Technology giant Google has launched a new bug bounty program.
Researchers who find flaws in the company’s open source projects will get Rs 25 lakh.
The company says that the reward will be given based on the severity of the flaw and the importance of the product.

New Delhi. Technology giant Google has launched a new bug bounty program where it will reward up to $31,337 (about Rs 25 lakh) to researchers who find flaws in the company’s open source projects. The newly announced Vulnerability Reward Program (VRP) will focus on Google software and repository settings such as GitHub actions, application configuration, and access control rules.

The company said that depending on the severity of the vulnerability and the importance of the product, those who find bugs in open source software will get a reward of $ 101 to $ 31,337 i.e. around Rs 8,031 to about Rs 24,92,403. The company further said that the top award will go to the flaw finder in key projects like Golang, Angular and Fuchsia.

Attack on open source supply chain
As a maintainer of major projects such as Golang, Angular and Fuchsia, Google is one of the world’s largest contributors and users of open source. Last year Google saw a 650 percent year-on-year increase in attacks targeting the open source supply chain. Researchers can now be rewarded for finding bugs through VRP that could potentially damage the entire open source ecosystem. can affect.

Also read- Google Chrome users beware! These browser extensions can steal your data

One of the world’s first programs
Google said in a statement that VRP is one of the first such programs in the world and now its 12th anniversary is approaching. Over time, our VRP lineup has expanded to include programs focused on Chrome, Android and other areas, the company said. These programs have rewarded more than 13,000 submissions and have paid out over $38 million in total.

VRP is part of improving cyber security
Google said its OSS VRP is part of our $10 billion commitment to improving cybersecurity, including securing the supply chain against these types of attacks for both Google users and open source consumers around the world .

Tags: Google, tech news, Tech News in hindi, Technology

Source link


Please enter your comment!
Please enter your name here