In an effort to squash bugs and security problems in its consoles Sony has announced the “PlayStation Bug Bounty program” in collaboration with the cybersecurity platform HackerOne.
“We believe that through working with the security research community we can deliver a safer place to play. We have partnered with HackerOne to help run this program, and we are inviting the security research community, gamers, and anyone else to test the security of PlayStation 4 and PlayStation Network. Our bug bounty program has rewards for various issues, including critical issues on PS4. Critical vulnerabilities for PS4 have bounties starting at $50,000,” writes Geoff Norton, senior director software engineering at Sony Interactive Entertainment.
At the time of writing $50 000 is worth around R873 160, so it’s a lot of money regardless of where you live.
Norton goes on to say that Sony has been running a similar program in private with select researchers, but has expanded it to all takers to enhance security.
Interestingly no mention is made of the PlayStation 5, either on the dedicated HackerOne page or in the announcement on the PlayStation Blog. We assume that, once this new ecosystem launches at the end of 2020, the bounty program will expand to include it.
Outside of the PS4, vulnerabilities in the PlayStation Network are also fair game. While something on the scale of the 2011 PlayStation Network outage hasn’t hit the company for many years, it’s always good to be proactive in the world of security.
If you’d like to get involved head to HackerOne to find the full scope, breakdown of the rewards on offer and details for responsible disclosure. At the time of writing $173 900 (~R3 million) worth of bounties have been paid.
If you go to the “hacktivity” section, however, it seems like this was all when the program was closed off to the public. It will be interesting to see how that number grows now that most people can participate.