Google pays $8.7 million in bug bounty program in 2021

Redemption bug finder programs have long been an effective solution for large companies to quickly detect security flaws and fix them early.

Over the past year, Google has paid out no less than $8.7 million in bug fixes, and this is a new record. Of course, Google issues various bounty milestones for a total of 696 researchers in 62 countries.

The security bugs themselves discovered on the Android platform accounted for more than 2.9 million USD and the highest reward was up to 157,000 USD.

Google explains: “The Android VRP bounty hunter has doubled its total bounty in 2021 to nearly $3 million and has awarded the highest bounty in Android VRP history. It’s an exploit chain developed now available on Android and receive a reward of $157,000. The top prize of $1.5 million was awarded to the Titan-M Security chip breach on Pixel devices.”

The total reward awarded for Chrome bugs is up to 3.2 million USD in 2021, and the highest reward is awarded up to 45,000 USD.

Google says it has paid no less than $3.1 million for security flaws in the browser and $250.5 thousand has been awarded to ChromeOS researchers.

Last year, the bounty awarded for bugs discovered on Google Play also amounted to 550,000 USD and a total of 60 researchers were paid last year.

Refer to Softpedia