Sony launched today a bug bounty program for the PlayStation Network and the PlayStation 4 gaming console, a company spokesperson told ZDNet.
The program aims to reward security researchers who find bugs in PlayStation-related devices and websites and report them to Sony’s security team to have them patched before getting exploited.
Sony says it plans to pay security researchers between $100 and up to $50,000 for vulnerabilities reported in the company’s products.
Eligible services include the Sony PlayStation 4 gaming console, its operating system, official PS4 accessories, but also the PlayStation Network and related websites.
Sony’s new vulnerability rewards program (VRP, also known as a bug bounty program) will be managed through HackerOne, a platform that hosts bug bounty programs for some of the world’s largest companies, such as PayPal, Twitter, Snapchat, Shopify, General Motors, Slack, and Uber.
Before making its bug bounty program public today, the company has been running a private invite-only VRP since last year, the company said.
Last of the big three, but the biggest rewards
Sony is the last of the big three major gaming companies to launch an official bug bounty program. Nintendo was the first company to launch one in 2016, followed by Microsoft for its Xbox gaming platform in January 2020.
While Sony was the last one to the party, the company is offering by far the biggest rewards, with a maximum bounty of up to $50,000, compared to only $20,000 offered by both Microsoft and Nintendo.
In the grand scheme of things, Sony has a real interest in securing its gaming platforms. Hackers have been heavily targeting gaming accounts, which they usually abuse for fraud or put up for sale online, on underground hacking forums.
Source : ZDNet