Sony has announced it is taking its bug bounty program public as it looks to track down vulnerabilities on both the PlayStation 4 and PlayStation Network.
In a blog post, senior director of software engineering at SIE, Geoff Norton explained why the company has now decided to open its bug bounty program up to the public, saying:
“To date, we have been running our bug bounty program privately with some researchers. We recognize the valuable role that the research community plays in enhancing security, so we’re excited to announce our program for the broader community.”
Unlike Microsoft which launched its Xbox bounty program on its own earlier this year, PlayStation is partnering with the bug bounty platform HackerOne which will pay out to security researchers who discover any vulnerabilities.
PlayStation Bug Bounty program
According to the program’s HackerOne page, finding vulnerabilities in the PlayStation Network will net researchers anywhere from $100 for low severity vulnerabilities and all the way up to $3,000 for critical vulnerabilities. PlayStation 4 vulnerabilities though could be much more profitable for researchers as the company will pay $500 for low severity vulnerabilities and critical vulnerabilities have bounties starting at $50,000.
Sony’s past consoles including the PlayStation, PlayStation 2, PlayStation 3, PS Vita and PSP are out of the program’s scope and any vulnerabilities discovered in them will not lead to a bug bounty reward.
PlayStation’s bug bounty program will not only benefit security researchers but also gamers, as the security of the company’s products is a “fundamental part of creating amazing experiences” for its community.