THE Google launched last year an expansion in the amount paid to users who discover bugs and vulnerabilities that could compromise the Linux Kernel, Kubernetes, GKE or kCTF. The company considers that this increase generated a boost for users, which caused more errors to be reported, because of this, it is expanding the amount paid at least until the end of 2022.
With that, until the end of this year the search giant will pay $20,000 to $91,337 for researchers who can find vulnerabilities in these technologies. Both the maximum and minimum amounts have been changed by the company, last year it was paying between $31,337 to $50,337.
This company incentive is for users to look for and report issues that could primarily compromise the cluster. kCTF (Kubernetes Capture The Flag) from Google. The company hopes this new value will further encourage researchers to look for vulnerabilities that could cause problems in its services, last year the company claims it received nine applications, paying over $175,000 to whoever discovered themwith three of them already being fixed.
Credits: Google Disclosure
According to the company, two of the three bugs found had already been fixed by it before they were even reported, the errors fixed by the company are: CVE-2021-4154, CVE-2021-22600 (patch) and CVE-2022-0185 (writeup). Based on the experience it had in the expanded pricing period last year, the search giant has made some changes to the processes for reporting an issue, adding new rules, conditions, and rewards.
The company claims that now only the first submission of a farm will be valid, no longer paying for sending duplicate exploits. But in some cases it will open loopholes, like a duplicate error reported on day 0 and some other circumstances.
According to Googlethe new amounts paid to researchers will be valid “at least until the end of the year”, all the rules for submitting a vulnerability to the company can be read in this publication at the Google Security Blog.
Are you thinking about buying a product online? Discover the Save the Connected World extension for Google Chrome. It is free and offers you price comparisons at major stores and coupons so you can always buy at the best price. Download now.