Threat Hunting, Cloud Security

Google launches new site for bug hunters

Share
The Manhattan Google headquarters is seen on Jan. 25, 2021, in New York City. Google launched a new site to celebrate its Vulnerability Rewards Program on July 27. (Michael M. Santiago/Getty Images)

Google on Tuesday celebrated the anniversary of its Vulnerability Rewards Program (VRP) by launching bughunters.google.com, a site that brings together all of the VRPs it has for Google, Android, Abuse, Chrome, and Play, and puts them on a single intake form that aims to make it easier for bug hunters to submit issues.

Along with the single intake form, Google touts a more interactive, gamified site that offers per-country leaderboards and awards for finding certain bugs. The site also features opportunities for bug hunters to improve their skills through Bug Hunter University.

Cyber defense stands to benefit from more and better crowdsourcing opportunities, said Hitesh Sheth, president and CEO at Vectra.

“Some believe information sharing heightens risk, if only the erosion of some competitive edge,” Sheth said. “But in truth, if all the white hats work in isolation, the all-too-frequent results are duplication of effort, missed signals, and unwanted outcomes. Another community of strong actors dedicated to better security through information sharing is a net positive step. Remember, the black hats collude against us this way every hour of the day.”

Hank Schless, senior manager, security solutions at Lookout, added that Google has done a great job of essentially crowdsourcing their bug and vulnerability reporting, and with this new program they’ll grow their community. 

“Google has always taken a more open approach to its software than comparable companies,” he said. “Android, for example, is built on open-source technology that enables more customization of the OS. Relying on others to help report on issues is a key part of creating a secure customer experience that can continue to improve.”

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.