In collaboration with the HackerOne online security platform, Sony introduced its bug bounty program that encourages users to detect bugs and security breaches in the Playstation 5, PlayStation 4, and PlayStation Network. Those who report the most serious vulnerabilities can receive $50,000 or more. Want to know more details?
What is the Sony bug bounty program?
The Sony bug reward program had been running privately for some cybersecurity researchers. However, the company decided to open it up to the general public to strengthen the security of its products with the help of the community and thus “provide a better gaming experience", said Sony Interactive Entertainment's (SIE) Senior Director of Software Engineering, Geoff Norton, on the corporate blog.
What are the rewards?
PlayStation assesses the severity of the reported vulnerability and the quality of the report to determine if there is a reward. However, through the platform, you can see that over $175,000 has already been paid out. It is worth mentioning that Sony only awards money to the first person who reports a security breach that has never been reported before.
The rewards are categorized as follow:
- Critical level: $50,000
- High level: $10,000
- Medium level: $2,500
- Low level: $500
PlayStation 4
- Critical level: $50,000
- High level: $10,000
- Medium level: $2,500
- Low level: $500
PlayStation Network
- Critical level: $3,000
- High level: $1,000
- Medium level: $400
- Low level: $100
Sony will not consider vulnerabilities found in PlayStation 1, PlayStation 2, PlayStation 3, PS Vita, PSP, other accessories, domains, or third-party software. Additionally, as part of the partnership between PlayStation and HackerOne, payments are made by the online error reward platform.
Who can participate?
Currently, the Bug Bounty program is aimed at the gaming community, researchers, and anyone who wants to test the PlayStation 5/4 and PlayStation Network security system. But, of course, this excludes SIE employees, contractors, service providers, and families.
Products and services
1. The PlayStation 5 and Playstation 4 consoles, operating system, and hardware (either the current or beta version of the software). Depending on each case, PlayStation could evaluate the possibility of accepting reports on previous versions.
2. The following domains of the PlayStation Network platform:
- .playstation.net
- .sonyentertainmentnetwork.com
- .api.playstation.com
- my.playstation.com
- store.playstation.com
- social.playstation.com
- transact.playstation.com
- wallets.api.playstation.com
Find out more about PlayStation's 'Bug Bounty Program' policy here.
How do you report vulnerabilities?
If you find a vulnerability bug, you can submit a report from the HackerOne platform:
- First, create an account and log in.
- Then go to the program's website and click on Submit report to submit your report.
- Remember to provide enough details for HackerOne to check the validity of the vulnerability. In addition, the platform may ask you for additional information.
Important: As part of the Bug Bounty program, PlayStation relies on the good faith of researchers, users, and hackers and therefore requests that they do not access, use or transfer any information they may find. For more information on responsible vulnerability disclosure, consult the dedicated page.
PlayStation
- Hackerone playstation
- Playstation network api
- Hackerone
- Hackerone : A bug bounty program by Facebook and Microsoft
- Facebook's Bug Bounties are Shrinking
- Facebook Reveals India Tops Bug Bounties
- Apple's Bug Bounty Bested by Broker
- Apple Places Bounty on Software Bugs
- PS3 not reading discs: how to fix, after update
- PS4 controller not responding: white light, in game, on pc
- Expand your PS5 storage: internal, external
- PSP update: 6.61, firmware, PlayStation
- Too many USB devices connected PS4: fix the error
- How to turn off sound on PS4 controller
- How to turn off vibration on PS4 controller: on PC, Fortnite
- PS3 recovery mode: without controller, not working
- PS3 can't obtain IP address: PlayStation 3 fix
- How to reset PS3 controller: on PC, without reset button
- How to connect PS4 controller to PS5
- PS3 error codes and solutions
- How to check battery on PlayStation controller: PS4, PS5
- How to fix a slow PSP
- PS4 safe mode: options, not working
- Link PlayStation 4: to Facebook, to Twitter
- PS4 audio output settings: for headphones
- How to update PS3 with USB: safe mode
- How to play PlayStation 4 games online
- Reset PlayStation 3: display settings HDMI
- PS3 mode not supported: Samsung HDMI, on TV
- PS4 auto shutdown: after download, in rest mode
- How to turn off PS4 system sounds
- How long to charge PlayStation controller: PS3, PS4, PS5
- How to turn off notifications on PS4
- How to clear your PS4 browsing history?
- PS5 console: release date, price, stock
- Install Flash Player on Playstation 3: 2021
- How to play MP4 on a PSP 3000
- How to buy games on PlayStation store: for free
- How to change the language on PSP
- How to connect your Playstation 4 to PC
- How to clear PS3: cache, cookies
- PS4 text to speech: not working
- Turn off controller vibration: PS3
- Find and add friends on PS4: from Facebook, online
- How to reset your PlayStation network password?
- How to connect a BigBen controller to a PS3
- How to disable PS4 share play
- How to clear your browsing history on PS3?
- Obtain an IP address on the PS3
- Switch from HDMI to SCART: PlayStation 3
- PS Now vs PS Plus
- How to delete cookies on PlayStation 4
- How to add the accessibility menu to Quick Menu on PS4?
- PlayStation 4: tips and tricks
- Turn off JavaScript on Playstation 4
- How to save battery life on PS4 controller