Tech giant Google has announced that it is expanding its existing bug bounty program to include its artificial intelligence (AI) and generative AI (GenAI) solutions. The announcement was made on the company’s blog on October 26, emphasizing its commitment to White House initiatives calling for secure and responsible AI by American tech companies.
Google’s Approach to Explainable AI
The expansion of Google’s existing Vulnerability Rewards Program (VRP) to include AI and generative AI offerings of first-party Google capabilities is significant. First, it hopes to inspire greater confidence amongst the public, enterprises, and governments globally that Google takes AI safety and security seriously.
It also helps reinforce concepts such as “explainable AI” or “xAI” to open-source more security efforts about AI supply chain security universally discoverable and verifiable, according to Google.
Google has outlined what’s in scope for rewards within the VRP program, which include various attack scenarios including prompt attacks, training data extraction, model theft and exfiltration, and determining model weights of a proprietary model. The complete list is documented on their security blog.
Ethical Hacking can Pay Off
Google states in the announcement that it issued over $12 million in rewards to security researchers last year alone.
If you’d like to participate in this ethical hacking effort and possibly be rewarded in cash, check out the links above for more details and head to their official Bug Hunting vulnerability disclosure page.
Disclaimer: The author of this article is a current employee of Google. This article does not represent the views or opinions of his employer and is not meant to be an official statement for Google, or Google Cloud.
