So more and more large companies are officially recognizing service flaws, paying money for them, but we have no way to track it =(.
https://security.googleblog.com/2018/08/expanding-our-vulnerability-reward.html Since 2010, Google’s Vulnerability Reward Programs have awarded more than $12 million dollars to researchers and created a thriving Google-focused security community. For the past two years, some of these rewards were for bug reports that were not strictly security vulnerabilities, but techniques that allow third parties to successfully bypass our abuse, fraud, and spam systems. Today, we are expanding our Vulnerability Reward Program to formally invite researchers to submit these reports. This expansion is intended to reward research that helps us mitigate potential abuse methods. A few examples of potentially valid reports for this program could include bypassing our account recovery systems at scale, identifying services vulnerable to brute force attacks, circumventing restrictions on content use and sharing, or purchasing items from Google without paying. Valid reports tend to result in changes to the product’s code, as opposed to removal of individual pieces of content. Kurt Seifried
[hidden email] |
Was there a WG that was being co-sponsored with the CSA that was supposedly forming? Thank you, Gracias, Grazie, 谢谢, Merci!, Спасибо!, Danke!, ありがとう, धन्यवाद! -- Kent Landfield +1.817.637.8026 From:
Kurt Seifried <[hidden email]>
So more and more large companies are officially recognizing service flaws, paying money for them, but we have no way to track it =(.
https://security.googleblog.com/2018/08/expanding-our-vulnerability-reward.html
Since 2010, Google’s Vulnerability Reward Programs have awarded
more than $12 million dollars to researchers and created a thriving
Google-focused security community. For the past two years, some of these rewards were for bug reports that were not strictly security vulnerabilities, but techniques that allow third
parties to successfully bypass our abuse, fraud, and spam systems. -- Kurt Seifried |
Yes, I'm behind on a lot of stuff due to personal commitments with my kids over the summer. On Fri, Aug 17, 2018 at 9:28 AM, Landfield, Kent <[hidden email]> wrote:
Kurt Seifried
[hidden email] |
Free forum by Nabble | Edit this page |