Google Doubles Rewards for Nest and Fitbit Vulnerabilities

Google on Tuesday announced that security researchers submitting eligible Google Nest and Fitbit vulnerability reports through its bug bounty program can now receive double the usual bounty payouts.

Running on Google’s Bug Hunters platform, the bug bounty program for Nest and Fitbit devices covers cameras, doorbells, door locks, speakers, displays, thermostats, Google WiFi and Nest WiFi, Chromecast, Nest Protect, and Fibit Versa 3, Sense, Luxe, Inspire 2, and Charge 5.

Only vulnerabilities that are not already covered by other rewards programs at Google are considered eligible under the bug bounty program.

Google’s new vulnerability rewards structure will remain in place for the next six months, and the company is also looking to pay out higher rewards retroactively, for the eligible Nest and Fitbit vulnerability reports submitted in 2021.

“We will continue to take reports on our web applications, services, and mobile apps at their existing reward levels,” Google announced.

[ READ: Google Paid Out $8.7 Million in Bug Bounty Rewards in 2021 ]

Additionally, the internet giant announced that it is bringing together all of its first-party devices under a single program. This includes Google Pixel, Nest, and Fibit devices.

“This program extends the Android Security Reward Program, making it easier for researchers to submit a vulnerability in first-party devices and improving consistency across our severity assignments,” the company says.

Google underlines that it is looking to receive reports covering vulnerabilities in the firmware, system software, and even the hardware of its devices.

Further information on Google’s bug bounty program, including eligibility and reward amounts, can be found on the Bug Hunters platform.

Related: Google Offering $91,000 Rewards for Linux Kernel, GKE Zero-Days

Related: 1Password Increases Top Bug Bounty Reward to $1 Million

Related: Salesforce Paid Out $12.2 Million in Bug Bounty Rewards to Date