Google Bug Bounty$
By Sumir Singh
Google has released details of how many bugs were reported and how much cash was doled out to security experts who found flaws in Google’s computer systems. Google hands out cash awards to anyone who can help detect bugs and make its systems more secure.
“At the end of the first week in Nov, 2010, when we announced the vulnerability reward program, we ended up with 43 bug reports. Over the course of the program, we’ve seen more than 1100 legitimate issues (ranging from low severity to higher) reported by over 200 individuals, with 730 of those bugs qualifying for a reward. Roughly half of the bugs that received a reward were discovered in software written by approximately 50 companies that Google acquired; the rest were distributed across applications developed by Google (several hundred new ones each year). Significantly, the vast majority of our initial bug reporters had never filed bugs with us before we started offering monetary rewards.
A well-run vulnerability reward program attracts high-quality reports, and we’ve seen a whole lot of them. To date we’ve paid out over $410,000 for web app vulnerabilities to directly support researchers and their efforts. Thanks to the generosity of these bug reporters, we have also donated $19,000 to charities of their choice.” (2/10/2012)