Google has increased the size of payments to developers for found vulnerabilities. Payouts increased by 2–3
How much and what to pay
The amount of reward depends on the amount of work done, the criticality of the found vulnerability and the quality of the report performed.
So the maximum payout amount per reportThe usual vulnerability is now $ 15 thousand. Previously paid three times less - $ 5 thousand. For a detailed report with an example of software that uses the vulnerability, up to $ 30 thousand will be paid (earlier - up to $ 15 thousand).
Maximum reward can be obtained forvulnerabilities that could compromise a Chromebook or Chromebox in guest mode via Chrome OS. Previously, they were paid $ 100 thousand, now - $ 150 thousand.
Recall Google launched the programrewards for found Google Chrome Vulnerability Rewards Program vulnerabilities in 2010. Since then, the company has received 8.5 thousand reports of errors and paid for them more than $ 5 million.