Google has applauded the efforts of an Indian cyber security researcher to report and submit vulnerabilities in Android, making the OS secure for all of us.
Google revealed in a blog post that Aman Pandey of Bugsmirror was considered the top-notch researcher in terms of reporting and submitting vulnerabilities. In 2021 alone, Pandey introduced 232 vulnerabilities.
Founded in Indore, Bugsmirror is founded by Aman Pandey (who is also the CEO of the company). He has graduated from NIT Bhopal. And even though the company was only founded in 2021, the company has been instrumental in finding vulnerabilities in early 2019.
Google’s Sarah Jacobs from the Vulnerability Rewards team highlights that since Pande submitted his first report in 2019, he has managed to report over 280 vulnerabilities to the Android Vulnerability Rewards program, while making are also an important part. The program was so successful.
Google also paid out a whopping $8.7 million in vulnerability awards. The firm’s security researchers have reported vulnerabilities not only in Android but also in Google Chrome, Search, Play and other products.
Jacobs highlighted that the maximum bounty was offered for vulnerabilities observed on Android. In fact, payouts doubled from 2020 to 2021 with prizes of around $3 million. In addition, Google awarded the highest payout in VRP history in 2021 for an exploit chain discovered in Android, receiving a reward of $157,000.
Approximately 115 Chrome VRP researchers were rewarded for 333 unique Chrome security bug reports submitted in 2021, totaling $2.2 million in VRP rewards. Of the total $3.3 million, $3.1 million was given for Chrome browser security bugs and $250,000 for Chrome OS bugs.