Google Pays Out $10 Million in Bug Bounties in 2023, Continuing Major Investment in Security
-
Google paid $10 million in bug bounty rewards to 632 researchers from 68 countries in 2023, lower than the $12 million paid in 2022 but still significant.
-
The highest single reward paid was $113,337. Since 2010, Google has paid out $59 million in total through its Vulnerability Reward Program.
-
For Android vulnerabilities, over $3.4 million was awarded. Google increased the maximum Android reward to $15,000.
-
The Chrome browser was the subject of 359 paid reports totaling $2.1 million. Rewards were temporarily tripled for sandbox escape exploits.
-
Google hosted live hacking events, expanded rewards programs, and took other steps to improve security across its products and services.