DEV Community

Security Cyber
VRP 2025 Year in Review: Google's Bug Bounty Program Hits Major Milestones

Google's vulnerability reward program turned 15 in 2025, and the numbers from their annual review tell a story that every security team should pay attention to.

The Scale of External Research

Google's Vulnerability Reward Program launched in 2010. Fifteen years on, Google has paid out millions of dollars to external researchers and runs bugSWAT, its dedicated live-hacking events, which bring in hundreds of high-quality reports at a time. In 2025 alone, the Cloud bugSWAT in Sunnyvale produced 130 reports and $1.6 million in rewards; the first dedicated AI bugSWAT, held in Tokyo, produced more than 70 reports and over $400,000 in payouts.

These are not trivial numbers. They represent a serious financial commitment to external security research, and the volume of reports suggests it is working.

AI Vulnerability Research Gets Its Own Program

One of 2025's notable changes was the launch of a dedicated AI Vulnerability Rewards Program. Previously, AI-related findings were folded into the main VRP. Now they have a dedicated track, which signals that Google considers AI security a distinct discipline requiring specialized attention.

The Chrome VRP followed the same pattern, adding reward categories specifically for AI features built into the browser.

Open Source Tooling Rewards

Google also launched a patch rewards program around OSV-SCALIBR, its open-source software composition analysis scanner that inventories the packages and dependencies present on a system or in a container image and checks them against known vulnerability data. Contributors who land patches in the projects the program covers get paid. This is notable because it pays for fixing problems, not just for finding them.

What This Means For Your Security Program

Google's approach demonstrates that mature vulnerability programs do not operate on a single track. They run continuous rewards, dedicated live events, open-source tool maintenance programs, and increasingly specialized categories aligned with emerging technology (AI, cloud, dependencies).

If you run a security program, the question to ask is: are you only rewarding findings, or are you also incentivizing the maintenance and hardening of the tools your broader community depends on?

The Bottom Line

Fifteen years and counting. Multiple millions in rewards. Hundreds of reports per event. Dedicated programs for AI and cloud. Google's VRP is one of the most mature bug bounty programs in existence, and their 2025 review shows they are expanding rather than plateauing.

For defensive teams, the takeaway is clear: external researchers are finding real issues at scale. If you are not running some form of coordinated disclosure (at minimum a published security policy and a reporting contact, for example via a security.txt file as described in RFC 9116) or a bounty program, you are leaving findings on the table, and researchers who find issues anyway have no sanctioned channel to tell you. One caveat: a bounty only works if you can triage and fix what comes in, so budget for response capacity before you budget for rewards.


Full story: https://security.googleblog.com/2026/03/vrp-2025-year-in-review.html

What is your take: should more organizations run dedicated AI security bounty programs? Drop your thoughts below.


More at https://securitycyber.uk
Mastodon: https://infosec.exchange/@securitycyber
LinkedIn: https://www.linkedin.com/in/charlie-collins-sec
Bluesky: https://bsky.app/profile/securitycyberuk.bsky.social
Substack: https://securitycyber.substack.com
Discord: https://discord.gg/securitycyber

Recommended resources to go deeper: https://www.hackthebox.com for hands-on practice, https://portswigger.net/web-security for free web security labs, and https://academy.tcm-sec.com for structured courses.

Originally published at https://securitycyber.uk