all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Learnings from kCTF VRP's 42 Linux kernel exploits submissions

Add to bookmarks
June 14, 2023, 3:59 p.m. | Kimberly Samra (noreply@blogger.com)

Google Online Security Blog security.googleblog.com

Tamás Koczka, Security Engineer


In 2020, we integrated kCTF into Google's Vulnerability Rewards Program (VRP) to support researchers evaluating the security of Google Kubernetes Engine (GKE) and the underlying Linux kernel. As the Linux kernel is a key component not just for Google, but for the Internet, we started heavily investing in this area. We extended the VRP's scope and maximum reward in 2021 (to $50k), then again in February 2022 (to $91k), and finally in August 2022 (to …

engine exploits gke google google kubernetes engine internet investing kernel key kubernetes linux linux kernel program researchers rewards security support vrp vulnerability

Visit resource

More from security.googleblog.com / Google Online Security Blog

Your Google Account allows you to create passkeys on your phone, computer and security keys 2 days, 2 hours ago | security.googleblog.com
account accounts apps brand +18
Detecting browser data theft using Windows Event Logs 3 days, 22 hours ago | security.googleblog.com
application attackers browser can +25
How we fought bad apps and bad actors in 2023 4 days, 22 hours ago | security.googleblog.com
android android security apps bad +18
Accelerating incident response using generative AI 1 week ago | security.googleblog.com
automation block diana discover +21
Uncovering potential threats to your web application by leveraging security reports 1 week, 3 days ago | security.googleblog.com
api apis application browsers +15
Prevent Generative AI Data Leaks with Chrome Enterprise DLP 2 weeks, 1 day ago | security.googleblog.com
ai data businesses can chrome +23
How we built the new Find My Device network with user security and privacy in … 3 weeks, 4 days ago | security.googleblog.com
android android security crowdsourced data +13
Google Public DNS’s approach to fight against cache poisoning attacks 1 month ago | security.googleblog.com
addresses attacks cache cache poisoning +21
Address Sanitizer for Bare-metal Firmware 1 month, 1 week ago | security.googleblog.com
address android android security area +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

QA Customer Response Engineer

@ ORBCOMM | Sterling, VA Office, Sterling, VA, US
View on infosec-jobs.com

Enterprise Security Architect

@ Booz Allen Hamilton | USA, TX, San Antonio (3133 General Hudnell Dr) Client Site
View on infosec-jobs.com

DoD SkillBridge - Systems Security Engineer (Active Duty Military Only)

@ Sierra Nevada Corporation | Dayton, OH - OH OD1
View on infosec-jobs.com

Senior Development Security Analyst (REMOTE)

@ Oracle | United States
View on infosec-jobs.com

Software Engineer - Network Security

@ Cloudflare, Inc. | Remote
View on infosec-jobs.com

Software Engineer, Cryptography Services

@ Robinhood | Toronto, ON
View on infosec-jobs.com
View more jobs