Google launches AI Vulnerability Reward Program with bounties up to $30,000

Google this week launched an AI Vulnerability Reward Program to pay security researchers who find and report flaws in the company’s AI systems, the company said. The program targets high-impact issues in flagship products including Google Search (on google.com), Gemini Apps on Web, Android and iOS, and core Google Workspace applications such as Gmail, Drive, Meet and Calendar.

The program also covers AI features in high-sensitivity products such as AI Studio and Jules, as well as non-core Workspace apps and other AI integrations, according to Google. Rewards can reach up to $30,000 for individual quality reports, with Google pointing researchers to its report quality framework and “novelty bonus multipliers” that can increase payouts.

For standard security flaw reports, Google said the top bounty for defects that could enable rogue actions in a flagship product is up to $20,000. The company also listed awards of up to $15,000 for sensitive data exfiltration, and up to $5,000 for issues such as phishing enablement and model theft.

The program defines categories and tiers with varying rewards. For example, the “Flagship” tier lists $20,000 for rogue actions (S1) and $5,000 for phishing enablement (A1), while lower tiers and “Other” products carry smaller amounts or credit-only recognition, the company said in its announcement.

Google said the move builds on earlier efforts to extend its Vulnerability Reward Program to AI products and noted its longer-running bug bounty work. The company linked to a 2023 post outlining its reward criteria for AI and to an earlier 2010 post marking the launch of its first vulnerability reward program.