Copying the Mozilla’s way of finding critical security bugs in web browser, Google also increased the bounty it offers for finding security vulnerabilities in its popular Google Chrome browser.
The Google bounty program launched in January, serves the purpose of making the browser secure by offering rewards to users who could report potential and big vulnerabilities. As posted on the official post made in January this year, company is:
rewarding select interesting and original vulnerabilities reported to us by the security research community.” And had noted that it “may be seen as a token of appreciation.
Slashdot also agrees that this increase in “token of appreciation” is due to Mozilla increasing their maximum bounty amount to $3,000 last week. The developers also said that “the increased reward reflects the fact that the sandbox architecture of browser makes it harder to find bugs of higher severity in the browser”.
The blog post also stresses that the panel can consider rewarding less serious bugs with more money if the bug reports are of high quality. High quality bug reporting includes “careful test case reduction, an accurate analysis of root cause, or productive discussion towards resolution.”
You can read more about bug reporting for Google Chrome here.