Researcher discovered a critical exploit chain in Android (CVE-2021-39698), receiving the highest payout in Android VRP history of $157,000. Yu-Cheng Lin (林禹成) ( ) has been another phenomenal researcher for the Android VRP, submitting a whopping 128 valid reports to the program in 2021. We would like to give a special shoutout to some of our top researchers whose continued hard work keeps Android safe and secure:Īman Pandey of Bugsmirror Team has skyrocketed to our top researcher last year, submitting 232 vulnerabilities in 2021! Since submitting their first report in 2019, Aman has reported over 280 valid vulnerabilities to the Android VRP and has been a crucial part of making our program so successful. We now offer swag ! The first 20 folks who share this blog post on Twitter and tag will receive a gift voucher for swag in their DMs. That’s why we want to make it easier for you to publish your bug reports. Streamlined publication process: we know the value that knowledge sharing brings to our community. We know a lot of you are using your achievements in our VRPs to find jobs (we’re hiring!) and we hope this acts as a useful resource.Ī stronger emphasis on learning: bug hunters can improve their skills through the content available in our new Bug Hunter University More opportunities for interaction and a bit of healthy competition through gamification, per-country leaderboards, awards/badges for certain bugs, and more!Ī more functional and aesthetically pleasing leaderboard. We’re excited about everything the new Bug Hunters portal has to offer, including:
This new platform brings all of our VRPs (Google, Android, Abuse, Chrome, and Google Play) closer together and provides a single intake form, making security bug submission easier than ever. We also launched in 2021, a public researcher portal dedicated to keeping Google products and the internet safe and secure.
Thanks to these incredible researchers, Vulnerability Reward Programs across Google continued to grow, and we are excited to report that in 2021 we awarded a record breaking $8,700,000 in vulnerability rewards – with researchers donating over $300,000 of their rewards to a charity of their choice. Throughout 2021, we partnered with the security researcher community to identify and fix thousands of vulnerabilities – helping keep our users and the internet safe. Last year was another record setter for our Vulnerability Reward Programs (VRPs).
0 kommentar(er)
