Google bug bounty program to enhance app security
Google has launched the bug bounty program for third-party application in Android play store. In this program, ethical hackers will interact directly with the developers of popular apps via a common platform and are in for $1,000 bounty reward on reporting critical vulnerabilities.
Google announced its bug bounty program on Thursday saying that the goal of the program is to further improve app security which will benefit developers, Android users, and the entire Google Play ecosystem.
Bug hunters who want to participate in the program can examine apps from the vendors and can get at least $1,000 for each bug they find. However, they not only have to report the bug but also get it fixed, only after that they can apply for the reward.
Besides this, not all flaws will get the bounty, only the ones that expose the Android OS to exploitation. At this stage, Google wants news of remote-code-execution vulnerabilities (vulnerabilities that may allow an attacker to execute custom commands on victim’s devices and steal their data/cause denial of service) for Android 4.4 devices and higher and – if possible – proof-of-concept exploits should be provided.
For now, only selected apps are included in this program. This includes the likes of Dropbox, Tinder and Snapchat. In future, more apps will be added provided the developers can commit to fixing the bugs as soon as they are reported.
Tags: Google bug bounty program, app security, bug bounty program, third party application, android play store, hackers, Bug hunters, Android OS, Dropbox, varindia
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.