Google has revealed an expansion to its Vulnerability Reward Program (VRP). It is designed to encourage privately reporting security flaws in open source software in exchange for monetary rewards.
Google launched its Vulnerability Reward Program (VRP) way back in 2010. As the name suggests, it encourages researchers and cybersecurity experts to detect security issues and exploits, and then report them privately to the vendor. Upon reporting, these bugs would then be fixed by the company and the person who identified the issue would be given a monetary award. Over the past few years, Google has worked on unifying the platform and expanding it to cover more platforms. Today, the company has announced yet another expansion, this time in the open source software (OSS) space.
