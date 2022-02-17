Google has named an Indore-based techie one of the top researchers of its Vulnerability Reward Program (VRP) last year, the tech giant revealed in a blog post.

It said that Aman Pandey, an Indian cybersecurity researcher and founder and CEO at Bugsmirror, uncovered and submitted 232 vulnerabilities in Android just last year.

According to the blog post, the techie has been reporting flaws since 2019, and has so far submitted over 280 valid vulnerabilities to the Android program.

Pandey, a BTech graduate from NIT Bhopal, has been working on security research for almost four years. He said his company Bugsmirror was also set up with the aim to secure people against cyber security threats.

"Programs like this (Google’s) helped not just research companies like ours, but even general users in understanding the importance of privacy and security research," The Indian Express quoted Pandey as saying.

In addition to this, Google also made a special mention of Yu-Cheng Lin, a Chinese Android security researcher, who submitted a total of 128 valid reports in 2021.

Further, the tech giant's blog post stated that it has paid out $8.7 million as part of its Vulnerability Reward Program (VRP) in 2021.

For Android alone, it had paid out $3 million ($2,935,244 or approximately ₹22 crore) in rewards. This was nearly double the previous year’s figure. A total of 119 researchers worldwide were awarded for finding critical flaws in Android.

It also awarded the highest payout in history this year – $157,000 for an exploit chain discovered in Android. In addition to this, it announced $1,500,000 for a compromise of the Titan-M Security chip used in its Pixel device. However, prize remains unclaimed so far.

Google's VRP also set records this year, with 115 Chrome VRP researchers being rewarded for 333 unique Chrome security bug reports submitted in 2021, totalling $3.3 million in VRP rewards.

Of the $3.3 million, $3.1 million was awarded for Chrome Browser security bugs and $250,500 for Chrome OS bugs, including a $45,000 top reward amount for an individual Chrome OS security bug report and $27,000 for an individual Chrome Browser security bug report.

“The contributions not only help us to improve Chrome, but also the web at large by bolstering the security of all browsers based on Chromium," the blog post read.

