Sony invites everyone to spot bugs on its PlayStation platform for cash up to $ 50,000.
The entertainment giant has actually set up a bug bounty program for some time, but has run it privately with selected researchers. This week's announcement means the program is now open to everyone, including "the security research community, gamers, and everyone else," wrote Geoff Norton, senior director of software engineering at Sony, in a blog post about the expansion.
To make the move easier, Sony teamed up with HackerOne, a Silicon Valley company that runs such programs.
Sony wants users to test the security of the PlayStation 4 game console and PlayStation Network digital media entertainment service. The bug bounty program offers various cash rewards depending on the severity of the problem and the quality of the report. Payouts start at $ 100 for a low-rated vulnerability discovered on the PlayStation Network and more valuable payouts of $ 400, $ 1,000 and $ 3,000.
If you spot a low-rated vulnerability on PlayStation 4, you can count on $ 500, higher payouts of $ 2,500, 10,000, and $ 50,000 for the most critical vulnerability.
Data released on HackerOne's website shows that this special bug bounty program – before it was released this week – has paid out $ 173,900 to researchers who reported vulnerabilities, with an average bounty of $ 400 -Dollars. The program has paid out $ 61,000 in the past 90 days alone.
HackerOne advises that Sony only grants a bounty to the first researcher to report a previously unreported vulnerability.
Sony: Creating a "Safer Place to Play"
"We believe that working with the security research community can provide a safer place to play," Norton wrote in his post. "I am pleased to announce today that we have launched a public PlayStation bug bounty program because the security of our products is an integral part of creating amazing experiences for our community."
Bug bounty programs are widely used by technology companies as they work to strengthen their digital defenses. Google announced earlier this year that it paid a total of $ 6.5 million to researchers in 2019 who identified critical vulnerabilities in its software, with the largest single payment worth a whopping $ 201,000.
Interested in getting involved? For detailed information on Sony's bug bounty program, see the list on the HackerOne website.