Bounty offerings for security bugs keep growing. Google is now just 10x behind both Microsoft and Mozilla on vulnerability rewards, and not 15x as before:https://security.googleblog.com/2019/07/bigger-rewards-for-security-bugs.html …
-
-
$500 (G) vs. $4k (M) for the same class of bugs (memory corruption in browser renderer)
-
Hmm, I don't see those figures listed on the pages. Mozilla says baseline $3k for renderer RCE (baseline generally means fuzzer output without analysis). G says $2k-5k for baseline, depending on severity. Both pay the same ($7.5k / $10k) for reports w/analysis. Seem close enough?pic.twitter.com/nVmEtkG98a
- 8 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
