Sony has made its bug Bounty Programme for PlayStation Network public and PlayStation 4 console. It is a reward for researchers or who finds a bug in Sony PlayStation realted devices and report it to the company. So it can fix it before the same is exploited. As per the Sony blog post, basically the bug bounty programme or other rewards programme was initially to researchers only, but this programme has now been opened to the public. It has been managed by Hackerone, which is know for hosting such programme for other compy. Also with this Sony joins there two competitor Nintendo and Microsoft both of which started their own bug bounty programme.
Sony announced in its post that “We deliver a safe place to play, so we have partnered with Hackerone because we believe that working with the security research community is important. So Hackerone help us to run this programme and we inviting all the security researchers, gamers and anyone else to test the security of PlayStation Network and PlayStation 4″.
Bug Bounty Programme Rewards
As per the information mentioned on Hackerone, Sony is offering multiple reward denomination depending on the bug. In case of low risk bugs comes with a $100 reward, medium risk bugs come with a $400 reward, high risk bugs have $1000 reward and critical bugs have a $3000 reward this rewards only to find bug in PlayStation Network. For PlayStation 4 low risk get $500 reward, medium risk bugs have $2500 reward, high risk bugs get $10000 reward and for critical bug get an extreme level of reward of $50000. As compare to both companies Nintendo and Microsoft which offer $20000 reward, Sony is offering the highest maximum reward.
The bugs related to PlayStation operating system and it’s accessories. The operating system includes the current beta version of system software. Sony state that the reported bug or vulnerability should be new and not previously reported and its sole discretion will determine whether or not a bounty should be rewarded. “Reward amounts will differ based on vulnerability severity and the level of bug like low, medium and high. Sony will only award a bounty to first researcher not for second researchers”, the Hackerone page states. On other hand Microsoft started its bug bounty programme in late January this year. It’s rewards start at $500 for low risk bug and go up to $20000 for critical bugs.