Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

Google Creates COVID-19 Grant Fund to Boost Bug Hunting

Google this week announced the creation of a COVID-19 grant fund aimed to help bug hunters who participate in its Vulnerability Reward Program (VRP).

Google this week announced the creation of a COVID-19 grant fund aimed to help bug hunters who participate in its Vulnerability Reward Program (VRP).

The newly introduced grant fund is a temporary expansion of the Internet giant’s Vulnerability Research Grant program, which was introduced in 2015 to recognize the time and efforts of security researchers, even if they do not find vulnerabilities.

With the current COVID-19 pandemic forcing many people to work from home, the expansion is ultimately meant to help keeping users protected, while also supporting Google’s community of security researchers.

“In light of new challenges caused by the coronavirus outbreak, we are expanding this initiative by creating a COVID-19 grant fund,” Google announced.

According to Google, all VRP bug hunters who submitted at least two remunerated reports between 2018 and April 2020 are eligible for a $1,337 research grant.

“We are dedicating these grants to support our researchers during this time. We are committed to protecting our users and we want to encourage the research community to help us identify threats and to prevent potential vulnerabilities in our products,” Google says.

The grants are meant to recognize the efforts of frequent researchers regardless of the result of their reports. However, bugs found during the grant are also eligible for regular rewards.

If the reporters are not interested in monetary gains but wish to donate the grant to an established COVID-19 related charity, Google says it will monetarily match the donations, within its discretion.

The Vulnerability Research Grant program will continue throughout 2020, so even researchers who start bug hunting now could become eligible.

Related: Google Offering Higher Bonuses for Cloud Platform Vulnerabilities

Related: Google Paid Out $6.5 Million Through Bug Bounty Programs in 2019

Related: Google Sees Millions of COVID-19-Related Malicious Emails Daily

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.