is serious about security. It announced Friday that it paid $3.4 million to 317 different security researchers in the past year — up from the $2.9 million it gave to 274 researchers the prior
The company paid out more than $15 million since launching its bug bounty program in November 2010.
Vulnerabilities in Android and Chrome received the most attention. Google
awarded half — about $1.7 million — of last year’s rewards to these researchers.
Google’s financial rewards for security bugs range from $100 to $200,000, based on the discovery.
In 2018, however, the biggest single reward was $41,000.
Google also worked closely with security and privacy experts in academia, collaborating on specific research projects, according to Google.
This type of work also helps improve data
privacy and security in the long term.
Last year, Google announced the Security and Privacy research awards that recognize academics who have made major contributions to the field. Award winners are selected by a committee of senior
security and privacy researchers at Google.
Today, Google unveiled the 2018 winners. And on their behalf, the company will make a financial contribution to their universities totaling more
than half a million dollars:
Alina Oprea, Northeastern University: Cloud Security
Matthew Green, Johns Hopkins: Cryptography
Thorsten Holz, Ruhr-Universität Bochum,
Alastair Beresford, Cambridge : Usable security and privacy, mobile security
Carmela Troncoso, Ecole Polytechnique Usable de Lausanne: Privacy/Security ML
Wash, Michigan State University: Usable Privacy and Security
Prateek Saxena, National University of Singapore: ML/Web security