Google has launched its Open Source Software Vulnerability Rewards Program (OSS VRP) – see https:// bit.ly/lxf295ossvrp. As the company behind major open source projects such as Golang and Fuchsia, as well as being one of the largest open source contributors, Google is obviously keen on making sure its own projects, as well as those it relies on, are as secure as possible.
The OSS VRP joins Google’s other Vulnerability Rewards Program (VRP), which has been running for almost 12 years, and has paid out over $38 million to people who have successfully submitted vulnerabilities.