Security News > 2023 > February > Google boosts bounties for open source flaws found via fuzzing
Google sweetened the potential pot to $30,000 for bug hunters in its open source OSS-Fuzz code testing project.
On Wednesday, Google increased bounties for fuzzing coverage projects, and added rewards for some FuzzBench integrations.
The new sanitizers must find at least two legit vulnerabilities in an open source project, and the max payout for this new rewards category is also $11,337.
"These changes boost the total rewards possible per project integration from a maximum of $20,000 to $30,000," Google Oliver Chang explained in a blog about the updates.
Last year, Google launched the OpenSSF FuzzIntrospector tool and integrated it into OSS-Fuzz.
OSS-Fuzz Rewards is part of Google's broader Patch Rewards Program that incentivizes finding and fixing security flaws in open source security.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/02/01/google_fuzz_rewards/