Google is planning to pay independent security researchers — no strings attached — to help find security vulnerabilities in its products.
Google’s has had a “Security Rewards Program,” which financially rewards security researchers who discover Google vulnerabilities, since 2010. This new program differs because the researchers are given the money before they even begin working, and there’s no penalty for not finding anything.
As a bonus to the grant, researchers are still eligible for regular financial rewards if they do happen to disclose or fix a zero-day bug. The program is intended for Google’s “top performing, frequent vulnerability researchers as well as invited experts,” so this isn’t aimed at amateur hackers. Google’s treating the program as an experiment and is placing trust in the researchers based on their track records. Read more…
More about Google, Online Privacy, Data Security, Tech, and Apps Software