Overview
- Google has expanded its Bug Bounty Program to include Generative AI vulnerabilities, offering more than $30,000 to ethical hackers who identify these vulnerabilities.
- Vulnerabilities can include prompt injection attacks, model manipulations and theft, and training data extraction within AI products such as ChatGPT and Google Bard.
- Google aims to address new security threats posed by the rise of generative AI chatbots, prompting this expansion in the Bug Bounty Program to encourage advancements in AI safety.
- The reward size for identified vulnerabilities will vary based on severity, with some serious vulnerabilities in Google Search or Google Play offering rewards of up to $31,337.
- Apart from expanding the scope of its bug bounty program to include generative AI, Google also introduced the Secure AI Framework to support the creation of responsible and safe AI applications, and it's collaborating with the Open Source Security Foundation to ensure the integrity of AI supply chains.