Spotted a bug? Report it on the new Google bug bounty platform

Google announced a new site for bug hunters

New Google bounty platformGoogle has announced the launch of a new bug bounty platform that will make it easier to submit issues.

As Google with great joy celebrated the 10th anniversary of its Vulnerability Rewards Program (VRP),[1] the well-known tech company announced a new bug bounty platform for vulnerability hunters.[2] This platform can be found by visiting the website.

Recalling the very beginning, Jan Keller, technical program manager for Google's VRP, proudly said:[3]

When we launched our very first VRP, we had no idea how many valid vulnerabilities – if any – would be submitted on the first day. Everyone on the team put in their estimate, with predictions ranging from zero to 20. In the end, we actually received more than 25 reports, taking all of us by surprise.

As the specialist notes, over the 10 years, the vulnerabilities report program has grown rapidly not only in terms of report volume but also expanded its team of security engineers. Almost 20 bug hunters who reported issues to Google eventually joined the Google VRP team. It is because of this success Google has decided to launch a new bug bounty platform, which should attract even more bug hunters than before.

Users will be able to report Google, Chrome, Android, Abuse, and Play bugs in one place

The new Google bug bounty platform seems quite user-friendly, as bug hunters will be able to report observed problems more easily than before. The tech giant decided to bring all its VRPs to one place, so users will be able to submit Google, Android, Abuse, Chrome, and Play vulnerabilities[4] by using a single intake form. J. Keller explained:

We know the value that knowledge sharing brings to our community. That's why we want to make it easier for you to publish your bug reports.

In addition, this platform will provide more opportunities to interact with other hunters, including awards and badges for certain bug reports. The tech giant has also improved lists of VPR leaders to be more functional and aesthetic. Users will be able to see the best hunters in each country, making it much easier to use these results to boost a CV when applying for a job in the tech field. Such achievements are highly valued by tech companies.

Bug hunters can study at the newly created Bug Hunter University

And that’s not all. The new platform is also great for users who want to learn more about bugs and reports because the platform is quite simple to use. Google has even decided to launch Bug Hunter University[5] where users will be able to improve their skills and learn how to submit a successful vulnerability report. The content in this so-called university will be useful for growing cybersecurity specialists and individuals who like similar topics.

It is important to note that research papers on the security of open source will be eligible for a reward, just like open-source software patch submissions. Also, users improving security in open source programs will be able to apply for a grant to better secure their own projects.

According to Google, VRP and its community has accomplished big things over the past 10 years. The tech company has successfully:

  • Rewarded 11,055 bugs;
  • Rewarded 2,022 researchers;

The total amount of money for all rewards received by bug hunters is really high – $29,357,516. If the new bug bounty platform will be as successful as Google expects, those numbers will grow even faster in the future. This way various vulnerabilities will be noticed more quickly than before. At the same time, it is a great opportunity for users to make extra money.

About the author
Jake Doevan
Jake Doevan - Computer technology expert

Jake Doevan is one of News Editors for He graduated from the Washington and Jefferson College , Communication and Journalism studies.

Contact Jake Doevan
About the company Esolutions