This week, Google has launched an AI Valnarability reward program dedicated to security researchers who discover and report flaws in the company’s AI system.
The new bug bounty program focuses on the most impressive issues in the highest-profile AI products, including Google Search (on Google.com), Gugini Apps (Web, Android, and iOS), and Google Written Cooperation Core Apps (eg, Gmail, Drive, Meat, Calendar, and others).
Other in-Pakope products include high-sensitivity Google AI products, such as AI studios and jules, as well as Google workpiece non-core apps and other AI facilities in other AI integration in Google products.
Awards for weaknesses can reach $ 30,000 for individual quality reports Newness bonus multiplierWhile a standard security defect report comes with a top prize of up to $ 20,000, while giving details of the safety bug which can trigger evil functions in a major product.
Researchers can also receive a prize of $ 15,000 for sensitive data exfoliation bugs, and up to $ 5,000 for fishing enabling and model theft issues.
| Category / VRP product level | Chief | Standard | Other |
|---|---|---|---|
| S1: crook action | $ 20,000 | $ 15,000 | $ 10,000 |
| S2: Sensitive Data Exfility | $ 15,000 | $ 15,000 | $ 10,000 |
| A1: Fishing enabling | $ 5,000 | $ 500 | Credit |
| A2: Model Theft | $ 5,000 | $ 500 | Credit |
| A3: References Herfer | $ 5,000 | $ 500 | Credit |
| A4: Access Control bypass | $ 2,500 | $ 250 | Credit |
| A5: Unauthorized Product Uses | $ 1,000 | $ 100 | Credit |
| A6: Cross-user denial of service | $ 500 | $ 100 | Credit |
“In October 2023, we announced Google Reward Center for Bugs reporting in AI productGoogle said, “Google said,” said Google, “said Google,” said Google, “Google said,” Google said, “Google said,” said “Google said,” said Google said, “Google said,” Google said, “said Google said,” Google said, “said Google.”
“As we celebrate the second year of the AI Bug Bunty in Google, we are excited to discuss what we have learned, and to announce the launch of our new, dedicated AI vulnerable reward program!”
In March, the company also announced that it had honored 660 researchers around $ 12 million in Bug Bounty Rewards, who in 2024 had discovered and reported security bugs through the company’s vulnerability prize program (VRP).
Google has awarded $ 65 million in Bug Bount since its first vulnerable reward program Live in 2010More than $ 110,000 with the highest prize paid last year.
A year ago, in 2023, the discovery giant also paid $ 10 million to $ 10 million to 632 researchers for reporting responsibility for safety defects in his products and services.
attend Violation and attack simulation summit And experience Future of security verificationListen to top experts and see how AI-managed base Breach is changing and attacking simulation.
Do not remember the event that will shape the future of your safety strategy
