Sony launches PlayStation bug bounty program with $50K+ rewards

Sony launches PlayStation bug bounty program with $50K+ rewards

Sony launches PlayStation bug bounty program with $50K+ rewards

Sony has launched a Bug Bounty Program where it will pay users for hacking into the PlayStation system with payouts reaching up to $50,000. Sony's previous PlayStation Bug Bounty Programs were all private efforts. It is being managed through Hackerone, which is known for hosting such programmes for other large companies.

The company said that thus far, it was running a bug bounty program privately with some researchers.

"We believe that through working with the security research community we can deliver a safer place to play", Sony stated.

The program is being run in partnership with HackerOne, with the rewards for finding a flaw scaling depending on the severity of the vulnerability found and whether it affects PlayStation 4 or PlayStation network. So while it is a PlayStation bug, it is not a PlayStation Bug Bounty bug. Sony has divided the rewards into critical, high severity, medium severity, and low severity groups. Sony is offering the highest maximum reward compared to Microsoft and Nintendo, both of which offer a maximum of $20,000 (roughly Rs. 15.1 lakh).

Qualified PlayStation bug bounty program submissions are eligible for bounty payouts ranging from $100 for a low severity PlayStation Network vulnerability to $50,000 for a PlayStation 4 critical flaw. Submissions should focus on the current released system software, or a beta version fo system software.

The table below outlines the estimated rewards for each level of vulnerability on the PlayStation 4 and PlayStation Network.

However, just like Sony, Microsoft added that "h$3 igher awards are possible, at Microsoft's sole discretion, based on report quality and vulnerability impact".

Sony encouraged participants to disclose bugs responsibly, by reporting issues promptly, with sufficient detail to determine the validity of the vulnerability, and without coercion, dishonesty, or fraudulent intent.

Related news



[an error occurred while processing the directive]