One Article Review
| Source |  GoogleSec |
|---|---|
| Identifiant | 8469137 |
| Date de publication | 2024-03-12 11:59:14 (vue: 2024-03-23 17:07:04) |
| Titre | Programme de récompense de vulnérabilité: 2023 Année en revue Vulnerability Reward Program: 2023 Year in Review |
| Texte | Posted by Sarah Jacobus, Vulnerability Rewards Team
Last year, we again witnessed the power of community-driven security efforts as researchers from around the world contributed to help us identify and address thousands of vulnerabilities in our products and services. Working with our dedicated bug hunter community, we awarded $10 million to our 600+ researchers based in 68 countries.
New Resources and Improvements
Just like every year, 2023 brought a series of changes and improvements to our vulnerability reward programs:
Through our new Bonus Awards program, we now periodically offer time-limited, extra rewards for reports to specific VRP targets.
We expanded our exploit reward program to Chrome and Cloud through the launch of v8CTF, a CTF focused on V8, the JavaScript engine that powers Chrome.
We launched Mobile VRP which focuses on first-party Android applications.
Our new Bughunters blog shared ways in which we make the internet, as a whole, safer, and what that journey entails. Take a look at our ever-growing repository of posts!
To further our engagement with top security researchers, we also hosted our yearly security conference ESCAL8 in Tokyo. It included live hacking events and competitions, student training with our init.g workshops, and talks from researchers and Googlers. Stay tuned for details on ESCAL8 2024.
As in past years, we are sharing our 2023 Year in Review statistics across all of our programs. We would like to give a special thank you to all of our dedicated researchers for their continued work with our programs - we look forward to more collaboration in the future!
Android and Google Devices
In 2023, the Android VRP achieved significant milestones, reflecting our dedication to securing the Android ecosystem. We awarded over $3.4 million in rewards to researchers who uncovered remarkable vulnerabilities within Android |
| Envoyé | Oui |
| Condensat | $10 $116 $15 $30 $50 $70 $87 000 000” 116 2023 2024 359 600+ @androbugs @ele7enxxh Lin Yucheng able achieved across adam adapt added additional address advancements again ahead aims all also amber amount amounts amy android announcing any apart applications apps are around automotive awarded awards bacchus bard based been before blog bonus both brought browser bug bughunters bugs bugswat bypass bypasses capped chain challenges changes channels cheng chrome closely cloud code collaboration commitments committed community competitions conference conferences continue continued continuing contributed contributing contributions countries criteria critical ctf cybersecurity data dedicated dedication details devices difficulty dirk discovered discovering discovery door double drive driven ecosystem eduardo efforts emerging engage engagement engine ensure entails escal8 event events ever every everyone evolving exfiltration” existing expanded expanding expected experimentation exploit exploitable exploitation extra facilitate finding first fitbit focus focused focuses follow forward foster fostering from full fully fun further future gave generative give gone google googlers got greater growing göhmann hacked hacking han hard hardware hardwear has have help helping high higher highly hosted house huge hunter identify impactful implementing improvements incentives incentivize included including increased increasing init injection innovation internet introduced invited issues jacobus jan javascript jit johann joseph journey july just justin kai keller know lab large last launch launched least leaving like limited lin live llm long look looking lot lower m105 m91 made make martin maximum meet mendez milestone milestones million miracleptr mission mitigated mobile more nest new non not now october off offer offering older one ongoing open oppo optimization out over part participate party past periodically platform platforms play popular posted posts posture potential power powers previous products program program: programs programs: prompt protected protection publicly published quality raising ran received recently reflecting remain remarkable renderer report reported reporters reports repository research researcher researchers resilient resources ressler result resulted review reward rewarded rewards risks roni safe safer safety sarah saw scope secure securing security series services severity shared sharing sharpened shout significant since some special specific spotlight standard statistics stay straka strengthen student success such sun systems take talks targeting targets team technologies technology testing than thank these thousands threats through time tokyo tony top total totaling toward traditional training transparency triple tuned uafs unclaimed uncovered unique users v8ctf vela very voluntary vrp vrps vulnerabilities vulnerability way ways wear wearable wearables well what which white who whole within witnessed work working workshops world would year yearly years your zinuo “hacking “we |
| Tags | Vulnerability Threat Mobile Cloud Conference |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.