If vulnerabilities are found as part of a research grant, those vulnerabilities will also qualify for individual rewards through the other programs, so the grants do not replace individual bug bounties but complement them.
Furthermore, researchers who have already participated in the company's existing reward programs and received bug bounties for their findings will have a higher chance of obtaining a grant. Their applications will be prioritized over those of newcomers.
The company also extended its Vulnerability Reward Program to cover mobile applications developed by Google and distributed through Google Play and iTunes. The VRP previously covered only Google's online services and its extensions and apps for Google Chrome
Sign up for CIO Asia eNewsletters.