Google awarded me 10 million 632 researchers from 68 countries in 2023 to find and responsibly report security flaws in the company's products and services.
Although this amount is lower than Google's $12 million Vulnerability Reward Program paid to researchers in 2022, the amount is still quite significant, demonstrating the high level of community involvement to Google's security efforts.
The highest reward for a vulnerability report in 2023 was $113.337, while the total payout since the program's inception in 2010 reached $59 million.
For Android, the world's most popular and widely used mobile operating system, the program awarded more than $3,4 million.
Google also increased the maximum reward amount for critical Android vulnerabilities to $15.000, leading to increased reports from the community.
During security conferences such as ESCAL8 and hardwea.io, Google allocated $70.000 to 20 critical breakthroughs in Wear OS and Android Automotive OS, and another $116.000 to 50 reports on Nest, Fitbit, and Wearables issues.
Google's other major project, the Chrome browser, was the subject of 359 security bug reports, and the company paid a total of $2,1 million.