Chromium Security Reward is a incentive program for external researchers who report original vulnerabilities in Google Chrome browser. “Since its launch, we’ve been notified of numerous bugs, we maintain a list of issued rewards on Chromium security page. As list indicates, a range of researchers have sent us some great bugs and the rewards are flowing!,” said Google.
We’are now modifying the program: “maximum reward for a single bug is increased to $3,133.7. We’ll most likely use this amout for SecSeverity-Critical bugs in Chromium. The increased reward reflects the fact that the sandbox makes it harder to find bugs of this severity. And, base reward for less serious bugs remains at $500, panel will consider rewarding more for high-quality bug reports. Factors indicating a high-quality bug report might include a careful test case reduction, an accurate analysis of root cause, or productive discussion towards resolution.”