Sony starts PlayStation bug bounty programme with $50,000 reward



Sony has launched a bug bounty program whereby users can submit security errors in the PlayStation 4 in exchange for payments.

The company is inviting the security research community to test both the PlayStation 4 and PlayStation network.

Rewards for critical vulnerabilities discovered start at $50,000 (approximately £40,000).

“To date, we have been running our bug bounty program privately with some researchers. We recognise the valuable role that the research community plays in enhancing security, so we’re excited to announce our program for the broader community.” wrote Sony’s Senior Director Software Engineering Geoff Norton in a blog post.


According to HackerOne, which Sony is partnering with to conduct this bug bounty program, since the program was launched there have been 88 reports resolved, with an average bounty of $400.

As of writing, $173,900 has been paid to bounty hunters, with $2,500-$40,000 being the top bounty range for high or critical vulnerabilities.

The company will not accept bugs found in PlayStation 1, PlayStation 2, PlayStation 3, PS Vita and PSP consoles, or any other hardware.

For the PlayStation Network, the following domains are within the scope of the reward program:

  • *.playstation.net
  • *.sonyentertainmentnetwork.com
  • *.api.playstation.com
  • my.playstation.com
  • store.playstation.com
  • social.playstation.com
  • transact.playstation.com
  • wallets.api.playstation.com

“PlayStation will determine, in its sole discretion, whether a bounty will be awarded. Reward amounts will differ based on vulnerability severity, as well as the quality of the report. Sony will only award a bounty to the first researcher to have reported a previously unreported, vulnerability,” HackerOne also says.

READ  Global blockchain unicorn Bitfury launches music business

Sony is, of course, not the only company to offer a bug bounty program. Microsoft has said it will pay up to $20,000 to anyone who can find problems with Xbox Live.

Facebook has also offered $10,000 to anyone who can hack its Libra cryptocurrency, while Apple recently had to pay $100,000 to a researcher who found a security flaw with the “Sign in with Apple” feature.



READ SOURCE

LEAVE A REPLY

Please enter your comment!
Please enter your name here