November 4, 2016
It is a well-known fact that Google loves to give novice programmers, white hat hackers and security researchers an opportunity to prove their skills and capabilities by participating in Google’s Vulnerability Reward program.
Google invites researchers from all across the globe to find out flaws in its newest or existing applications, extensions, software and operating system that are available at Google Play, Chrome Web Store and/or iTunes. In return, the successful candidate is awarded prizes. The core objective of these programs is to make Google’s apps and systems more protected and secure.
However, it isn’t an easy feat to accomplish since to qualify for Google’s VRP, it was vital that the bug/vulnerability is identified in any of these categories mentioned below:
“Cross-site scripting,
Cross-site request forgery,
Mixed-content scripts,
Authentication or authorization flaws,
Server-side code execution bugs”
When the vulnerability is identified as a valid one, the hacker can expect to receive up to $20,000 by Google.