Google paid researchers over $3m last year for their contributions to its vulnerability rewards programs. From a ZDNet report: Payouts in 2016 take Google’s total payments under its bug bounty schemes to $9m since it started rewarding researchers in 2010. In 2015 it paid researchers $2m, which brought its total then to $6m. It’s not uncommon for tech companies to run bug bounties these days, but while many rely on third-party platforms, Google has been responsible for verifying bugs for over six years now. Occasionally, Google expands its program to cover new products, such as Android, and new devices such as OnHub and Nest. Facebook, Microsoft, and most recently Apple are also running their own bug bounties.
of this story at Slashdot.