Google adds generative AI threats to its bug bounty program
The rewards could be big, too
Google has extended its Vulnerability Rewards Program to cover bugs relating to generative AI in a move that will benefit both developers and consumers.
The company’s bug bounty program is already a well-known initiative designed to keep users safe, and has paid out millions in rewards over the years, including more than $12 million in 2022 alone.
Extending its VRP to cover under-the-radar faults with GenAI is another way of ensuring responsible AI, says the company, which earlier this year committed to advancing the discovery of vulnerabilities in AI systems together with other leading AI companies.
Google announces VRP for AI
Speaking about a new generation of vulnerabilities that need addressing, Trust & Safety VP Laurie Richardson and Privacy, Safety, and Security Engineering VP Royal Hansen said:
“Generative AI raises new and different concerns than traditional digital security, such as the potential for unfair bias, model manipulation or misinterpretations of data (hallucinations).”
They added: “We expect this will spur security researchers to submit more bugs and accelerate the goal of a safer and more secure generative AI.”
A set of guidelines for the AI-focused portion of Google’s VRP has been published, and set out a series of cases that would be considered in scope.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
More broadly, Google’s Vulnerability Rewards Program pays between $500 and $31,337 for the highest severity vulnerabilities that permit the takeover of a Google account. Even the lowest eligible security vulnerability rewards promise to pay out $100.
Richardson and Hansen summarize the announcement: “Our hope is that by incentivizing more security research while applying supply chain security to AI, we’ll spark even more collaboration with the open source security community and others in industry, and ultimately help make AI safer for everyone.”
More from TechRadar Pro
- Need a productivity boost? These are the best AI writers
- Calling all bug bounty hunters - Google has expanded its challenge to V8 and Cloud
- Not a cybersecurity pro? The best firewalls and the best endpoint protection should give you some extra protection
With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!