Sony Offers $50K for Critical PS4 Vulnerabilities

Sony Offers $50K for Critical PS4 Vulnerabilities

"We are inviting the security research community, gamers, and anyone else to test the security of PlayStation 4 and PlayStation Network", said Norton. Sony is willing to pay large sums of money for vulnerabilities found - even more so for what Sony describes as "critical issues" on the PS4.

In a blog entry, Sony Interactive Entertainment's senior director of software engineering, Geoff Norton, announced the launch of a public PlayStation Bug Bounty program that is created to encourage the security research community, gamers and anyone who's interested to look for security vulnerabilities in the PS4 and PlayStation Network and report them to the company.

PS4 security bugs could net them between $500 and $50,000, and potentially beyond. To be clear, the bug bounty program has been around for awhile.

Norton also said that this bug bounty program was already running privately with some security researchers but that it jas now expanded to include the broader research community as recognition to its valuable role in enhancing security. With this, Sony joins Nintendo and Microsoft, both of which previously started their own bug bounty programme.

The programme, which has opened up to the public this week, has in total - at the time of writing - paid out nearly $174,000 in bounties.

The bounties will be awarded at Sony's discretion based on the severity and impact of the disclosed security issues, as well as the quality of the submission.

The bugs can be related to the PlayStation operating system and its accessories as well.

You can find more information about the exact details of the program and eligibility at PlayStation's HackerOne page.

One is for the PlayStation Network itself, while the other is for the PlayStation 4. "We believe that through close partnerships with the security research community we can deliver a safer place to play".

Reports about vulnerabilities in older or earlier software versions might be accepted on a case-by-case basis.

While for the PlayStation Network the following domains are "in scope".

Related Articles