Google, Microsoft hand out cash for bugs detected in their system

711
0
Share:

Major tech companies like Google and Microsoft, have programs that will pay you real money for discovering flaws, vulnerabilities or bugs in their systems.

Both Google and Microsoft recently decided to up the ante in their bounty programs, jacking up the amount they pay people for finding bugs. Google made the first increase, and then Microsoft literally doubled down on its own program, as FossBeta reports.

Google increased its largest award level to $31,337 for anyone identifying a remote code execution vulnerability. That’s a more than 50 per cent increase from the previous cap of $20,000.

Unrestricted file system or database access bugs can bring the successful bounty hunter between $10,000 and $13,337.

Google’s bounty program pays out for vulnerabilities discovered in various Google properties such as Google Search, the Chrome web store, Google play, and more. Some of the specific bugs that Google is looking for are command injections, deserialization flaws, and sandbox escapes.

Microsoft is looking for cross site-scripting, cross-site request forgery, and a variety of other flaws in its systems. The company has recently suffered some zero-day bugs identified and publicized by the Google Zero program before it could fix them, which might be part of the reason why Microsoft doubled its bug bounty from $15,000 to $30,000

 

Share:

Leave a reply