PlayStation Announces Bug Bounty Program

PlayStation has announced that it will pay hackers thousands of dollars to unearth vulnerabilities in its network and entertainment products.
The gaming titan launched its PlayStation Bug Bounty program yesterday morning in hopes of rooting out flaws and providing players with a more secure user experience.

The initiative is being run in collaboration with well-known security platform HackerOne.

PlayStation has been running a private Bug Bounty program for some time in partnership with an elite group of researchers. Now, for the first time in the 26-year-old gaming console’s history, the public are being invited to report bugs in return for cash.

A PlayStation spokesperson said: “We have partnered with HackerOne to help run this program, and we are inviting the security research community, gamers, and anyone else to test the security of PlayStation 4 and PlayStation Network.”

The new program recognizes the high levels of skill and resourcefulness needed to be among the ethical hacking netizenry.

“To date, we have been running our bug bounty program privately with some researchers,” said PlayStation. “We recognize the valuable role that the research community plays in enhancing security, so we’re excited to announce our program for the broader community.”

Under the new program, vulnerabilities will attract different sized monetary rewards depending on their severity and on the quality of the report submitted.

While hackers are invited to flag flaws in both the PlayStation Network and the PlayStation 4, higher bounties will be awarded for faults found in the latter. Detecting a critical vulnerability impacting PlayStation 4 could earn an ethical hacker an extremely pretty penny.

“Our bug bounty program has rewards for various issues, including critical issues on PS4,” said a PlayStation spokesperson. “Critical vulnerabilities for PS4 have bounties starting at $50,000.”

PlayStation did not reveal the maximum amount that could be paid out for a single flaw.

Explaining which flaws they are most concerned about, PlayStation said: “We are currently interested in reports on the PlayStation 4 system, operating system, accessories and the PlayStation Network.”

Domains within the scope include .playstation.net, .sonyentertainmentnetwork.com, api.playstation.com, my.playstation.com, store.playstation.com, social.playstation.com, transact.playstation.com and wallets.api.playstation.com.

This post was originally published by Infosecurity Magazine on infosecurity-magazine.com

Related posts