The Independent's journalism is supported by our readers. When you purchase through links on our site, we may earn commission.
Sony starts PlayStation bug bounty programme with $50,000 reward
Nearly $180,000 has been paid to bounty hunters so far
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Sony has launched a bug bounty program whereby users can submit security errors in the PlayStation 4 in exchange for payments.
The company is inviting the security research community to test both the PlayStation 4 and PlayStation network.
Rewards for critical vulnerabilities discovered start at $50,000 (approximately £40,000).
“To date, we have been running our bug bounty program privately with some researchers. We recognise the valuable role that the research community plays in enhancing security, so we’re excited to announce our program for the broader community.” wrote Sony’s Senior Director Software Engineering Geoff Norton in a blog post.
According to HackerOne, which Sony is partnering with to conduct this bug bounty program, since the program was launched there have been 88 reports resolved, with an average bounty of $400.
As of writing, $173,900 has been paid to bounty hunters, with $2,500-$40,000 being the top bounty range for high or critical vulnerabilities.
The company will not accept bugs found in PlayStation 1, PlayStation 2, PlayStation 3, PS Vita and PSP consoles, or any other hardware.
For the PlayStation Network, the following domains are within the scope of the reward program:
- *.playstation.net
- *.sonyentertainmentnetwork.com
- *.api.playstation.com
- my.playstation.com
- store.playstation.com
- social.playstation.com
- transact.playstation.com
- wallets.api.playstation.com
“PlayStation will determine, in its sole discretion, whether a bounty will be awarded. Reward amounts will differ based on vulnerability severity, as well as the quality of the report. Sony will only award a bounty to the first researcher to have reported a previously unreported, vulnerability,” HackerOne also says.
Sony is, of course, not the only company to offer a bug bounty program. Microsoft has said it will pay up to $20,000 to anyone who can find problems with Xbox Live.
Facebook has also offered $10,000 to anyone who can hack its Libra cryptocurrency, while Apple recently had to pay $100,000 to a researcher who found a security flaw with the “Sign in with Apple” feature.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments