Google launches bug bounties for generative AI attack scenarios
Google is taking steps to address cyber risks associated with generative artificial intelligence (GenAI) by expanding its bug bounty scheme, the Vulnerability Rewards Program (VRP) to encompass attack scenarios specific to the generative AI supply chain.
Laurie Richardson, vice-president of trust and safety, and Royal Hansen, vice-president of privacy, safety and security engineering, said the firm believed taking this step would not only bring potential security issues to light quicker and make AI safer for everyone, but incentivise the wider community to do more research around AI safety and security.
“As part of expanding VRP for AI, we’re taking a fresh look at how bugs should be categorised and reported. Generative AI raises new and different concerns than traditional digital security, such as the potential for unfair bias, model manipulation or misinterpretations of data [or] hallucinations,” they said.
“As we continue to integrate generative AI into more products and features, our Trust and Safety teams are leveraging decades of experience and taking a comprehensive approach to better anticipate and test for these potential risks.
“But we understand that outside security researchers can help us find, and address, novel vulnerabilities that will in turn make our generative AI products even safer and more secure. In August, we joined the White House and industry peers to enable thousands of third-party security researchers to find potential issues at DEF CON’s largest-ever public Generative AI Red Team event.
Your Comment :