Google Paid Over $29 Million in Bug Bounty Rewards in 10 Years


Since the launch of Google Vulnerability Rewards Program (VRP) 10 years ago, the company said it paid bounties on 11,055 vulnerabilities that were reported by 2,022 researchers from 84 countries. To date, the company paid a total of $29,357,516.

Separately, the search giant announced that it is bringing all of its VRPs (Abuse, Android, Chrome, Google, and Play) together on a single online platform —

With the new website, Google wants to make it easier for researchers to submit security flaw discoveries, while also offering a series of additional improvements, such as more interaction opportunities, a redesigned leaderboard, the opportunity for researchers to improve their skills at a Bug Hunter University, a streamlined process for publishing bug reports, and more.