Google Ups Product-Abuse Bug Bounties

2020-09-03 17:20

"The nature of product abuse is constantly changing," wrote Google's Marc Henson, lead and program manager for Trust & Safety, and Anna Hupa, senior strategist, in a blog this week.

"The final reward amount for a given abuse risk report also remains at the discretion of the reward panel. When evaluating the impact of an abuse risk, the panels look at both the severity of the issue as well as the number of impacted users."

The internet giant has so far identified more than 750 previously unknown product abuse risks through the program, they said.

Last year for instance it debuted the Developer Data Protection Reward Program, which offers up to $50,000 for reports on violations of the Google Play, Google API and Google Chrome Web Store Extension program privacy policies.

Hear from top Bug Bounty Program experts how to juggle public versus private programs and how to navigate the tricky terrain of managing Bug Hunters, disclosure policies and budgets.

News URL

https://threatpost.com/google-product-abuse-bug-bounties/158940/

#bugbounties #google

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Google		102	253	4216	4506	727	9702