Home / Google Chrome / Google Extends Security Rewards Program To Official Chrome Apps and Extensions

Google Extends Security Rewards Program To Official Chrome Apps and Extensions

Developer/security researchers, good news for you. Google announced the other day that they are extending the security rewards program to cover their own Chrome apps and extensions.

That means, if you can find a security bug in one of the official Chrome apps and extensions, you are eligible for a reward, in dollars. Here is the official announcement.

Starting today, we will broaden the scope of our vulnerability reward program to also include all Chrome apps and extensions developed and branded as “by Google.” We think developing Chrome extensions securely is relatively easy (given our security guidelines are followed), but given that extensions like Hangouts and Gmail are widely used, we want to make sure efforts to keep them secure are rewarded accordingly.

The rewards for each vulnerability will range from the usual $500 up to $10,000 USD and will depend on the permissions and the data each extension handles. If you find a vulnerability in any Google-developed Chrome Extensions, please contact us at goo.gl/vulnz.

Start your bug hunt now.

Join 4,027 other subscribers



Leave a Reply

Your email address will not be published.