Security and safety are one of the major concerns in today’s technical world. Thus, various companies including Microsoft, Facebook and Google keep making required changes to improve them on the grounds of security. Despite this, some bugs are missed out by the companies that could severely compromise the security of their services.
Then comes in the picture, bug bounty programmes. The Companies like Microsoft, Apple, Facebook and Google hire cybersecurity researchers, ethical hackers. These researchers and hackers highlight susceptibilities in their services. And, the companies pay researchers for any ‘bugs’ or software flaws located by them in their products. The rewards are popularly called ‘Bugs bounty.’
Aman Pandey- the Indian who kept Android safe for all
For those unversed, Google, Facebook, and Microsoft all have their dedicated bug bounty programs. Google has recently honoured Aman Pandey for his exemplary achievements. Aman reportedly had found Android bugs to ensure the safety of the website. A few days back, Google’s bug bounty program revealed, “It paid around ₹65 crores to one Indore-based Aman Pandey of BugsMirror for discovering vulnerabilities across its platforms as a part of its Vulnerability Reward Program in 2021”.
Google, in a blog post, has revealed the 2021 year review in terms of the ‘Vulnerability Reward Program’ where the security researchers highlight the vulnerabilities in Google services. that “Aman Pandey, an Indian cybersecurity researcher and founder and CEO at Bugsmirror, was one of the top researchers of the tech giant’s Vulnerability Reward Program (VRP) last year. Pandey uncovered and submitted 232 vulnerabilities in Android just last year. He had been reporting flaws since 2019, and has so far submitted over 280 valid vulnerabilities to the Android program.”
While interacting with the media, Aman stated, “I have been working on security research for almost four years now. And the Bugsmirror team’s incessant passion and hard-work towards security research has helped us to indigenously design and develop applications embedded with algorithms. These helped us locate vulnerabilities at an unmatched speed and accuracy. Programs like this (Google’s) helped not just research companies like ours, but even general users in understanding the importance of privacy and security research.”
2021- An year dedicated to the bug bounty programme
As per Google, it has rewarded $8.7 million as part of its Vulnerability Reward Program (VRP) in 2021. And the number stood at $3 million ($2,935,244 or approximately Rs 22 crore) for Android alone. A total of 119 researchers from all over the world have been rewarded for highlighting critical flaws in Android.
The program also paid out the highest in the history this year, that is, $157,000 for an exploit chain discovered in Android. It also offered a $1.5 million bounty for finding compromises in its Titan-M security chip that the company uses in its Pixel mobile devices.
Google’s bug bounty program witnessed a total reward of $3,288,000 (approximately Rs 24.6 crores) to 115 researchers for its Chrome browser. $3.1 million, of the total amount, was awarded for vulnerabilities in Chrome browser and $250,000 for Chrome OS vulnerabilities.
However, an Indian being recognized worldwide is proof that India’s expertise is unparalleled in the digital world.
