Select Page

Alphabet’s main company is upgrading its defenses. Google sets up a bug hunting research, as well as a special security team in 2020.

Today, we’ll cover both cybersecurity measures that are taking place.

Let’s take a look at what they’re doing right now. Maybe you can learn something to replicate for your own business.

 

Google Sets up Bug Hunting Research in 2020

First of all, let’s talk about their Bug Hunting program. We just released an article about Bug Bounty, and this is exactly that. 

Google’s new program reaches out to researchers and academics who would like to be sponsored after finding vulnerabilities in JavaScript engines.

All programs follow a set of rules to apply and are eligible for your reward. In this case, the requirement is to identify bugs using “fuzzing“which is studying the behavior of software with the help of random or invalid data input. 

This method is well-known in the cybersecurity industry, but in most cases, only big companies can afford these tests. It requires fancier and more expensive computing resources, compared with other techniques. 

Are you a security researcher? Then Google made this one for you. 

Their goal is to level-up the already protected ecosystem of apps while solving particular problems, like late paydays and even, no payday whatsoever. 

At least, that’s what they announced in this blog post

You can submit a proposal there and apply for funds for its new pilot program. 

They’ll analyze each submission and say will also provide an answer to applicants inside a two-week period.

If yours gets accepted, then you’ll receive up to $5,000 in funds provided as credits (Google Computer Engine/Cloud’s heavy infrastructure) to avoid being misused. 

Google’s bug-hunting program started on October 1, 2020, and it will last to October 1, 2021.

This one is inspired by its own open-source fuzzing tool. 

It supports fuzzing distribution on GCE (obviously encouraged by Google). Researchers can choose between JavaScriptCore (Safari), V8 (Chrome and Microsoft Edge), and Spidermonkey (Firefox)…

But other browser engines can be pitched inside your submission proposal. 

Now, there is good news beyond the scope of security experts.

Consumers can also get some hope back after reading what the Special Security Team of Google will take care of from now on.

Google Special Security Team in 2020

 

Google Special Security Team to Hunt Down Contact Tracing Apps

The COVID-19 pandemic and the 2020’s US presidential elections were two events with major media attention, equal as a lot of opportunities to hackers and scammers. 

Google has this one clear and on the radar.

That’s why they will be hiring and setting up a special security team, to hunt down contact tracing apps for Andriod devices. 

They’ll dedicate to find vulnerabilities from Apps published on the Google Play Store.

This will work independently, through the Google Play Security Reward Program (GPSRP). 

It goes like this: Researches reports bugs to Google and they pay on behalf of the app owners/creators. But, be aware that the program is limited to apps with +100 million users.

Even if they reach or overpass the number of users, some apps that handle many sensitive data will be ignored by bug hunters and excluded from the Google Play reward program. Still, in most cases, this won’t happen. 

So it’s great news for everybody knowing that the best cybersecurity players will be looking after you, avoiding possible harmful consequences. 

Indeed, there are people who want the best for you (because it would also represent the best for them, as well). 

I know that because the digital world is so vast and full of terrors, you might still be skeptical of others protecting your back.

In the case of MyITGuy, our team of IT experts is active 24/7 to consult, troubleshoot, and protect you from cyberattacks that could take you down in minutes.

Want to recover your peace of mind? Let’s talk!