Skip to main content

Sony’s revamped PlayStation bug bounty program offers cash rewards

Sony is inviting one and all to hunt down bugs on its PlayStation platform for some potentially big cash payouts.

The entertainment giant has actually had a bug bounty program in place for some time, but operated it privately with select researchers. This week’s announcement means the program is now open to everyone, including “the security research community, gamers, and anyone else,” Geoff Norton, Sony’s senior director of software engineering, wrote in a blog post about the expansion.

To facilitate the move, Sony has teamed up with HackerOne, a Silicon Valley company that operates such programs.

Sony wants people to test the security of the PlayStation 4 gaming console and the PlayStation Network digital media entertainment service.

The bug bounty program offers different payment bands linked to the severity of the issue and the quality of the report. Payouts start at $100 for a low-rated vulnerability discovered on the PlayStation Network, with the more valuable bands offering minimum payments of $400, $1,000, and $3,000.

Discover a low-rated vulnerability on the PlayStation 4 and you can expect to receive at least $500, with higher payouts worth a minimum of $2,500, $10,000, and, for the most critical vulnerability, upward of $50,000.

Data shared on HackerOne’s website shows that this particular bug bounty program — prior to it going public this week — has so far paid out $173,900 to researchers who have reported vulnerabilities, with the average bounty worth $400. In the last 90 days alone, the program has paid out $61,000.

HackerOne points out that Sony will only award a bounty to the first researcher to report a previously unreported vulnerability.

Sony: Creating a ‘safer place to play’

“We believe that through working with the security research community we can deliver a safer place to play,” Norton wrote in his post. “I’m happy to announce today that we have started a public PlayStation bug bounty program because the security of our products is a fundamental part of creating amazing experiences for our community.”

Bug bounty programs are common among tech firms as they work to shore up their digital defenses. Google revealed earlier this year that in 2019 it paid out a total of $6.5 million to researchers who found critical weaknesses in its software, with the single biggest payment worth a whopping $201,000.

Interested in getting involved? For full details of Sony’s bug bounty program, check out its listing on HackerOne’s website.

Editors' Recommendations

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
PlayStation gets into the streaming handheld game with Project Q
Project Q and PlayStation earbuds

During the May 2023 PlayStation Showcase, PlayStation CEO Jim Ryan revealed Project Q. It's a new handheld streaming device that will allow you to stream any game from your PlayStation 5 console using its remote play function or Wi-Fi.

It doesn't have an official name yet, so it's known internally as Project Q. What we do know is that it has an 8-inch HD screen, plus all of the buttons and features of a DualSense wireless controller.

Read more
PlayStation reveals new features and UI for its PS5 Access Controller
Sony's Project Leonardo controller sits on a table.

Sony revealed new details about its PlayStation 5 accessibility controller, which has been renamed from Project Leonardo to the Access Controller. A new blog post details what comes with the controller and offers a glimpse at the UI interface that players will use to customize it on the PS5.

Sony surprise revealed its "Project Leonardo" at CES earlier this year (Digital Trends named it the best gaming tech of the show). The circular pad features a unique design meant to make it easier for people with disabilities to customize controls to their needs. While it still doesn't have a price or release date, Sony has opened a new website for its newly renamed Access Controller and shared new details on it.

Read more
3 big things I need to see from the next PlayStation Showcase
Peter and Miles from Marvel's Spider-Man 2.

It’s that time of the year again when industry insiders are teasing that a big PlayStation Showcase will happen around June. A third-party focused State of Play happened in 2022, but now Video Games Chronicle’s Andy Robinson and Giant Bomb’s Jeff Grubb are both suggesting that a more first-party oriented "Showcase" could be on the way sometime during the next month, potentially during the week of May 25.
PlayStation has had a rough start to 2023, with console exclusive Forspoken garnering mixed reviews, the PlayStation VR2 impressing critics while underperforming in sales, and The Last of Us Part 1’s PC port being broken at launch. With only Marvel’s Spider-Man 2 confirmed to be on the horizon for 2023, Sony has a lot to prove during its next showcase. There are three specific things I need to see from Sony if that PlayStation Showcase does come to fruition.
Give PSVR2 purpose
The PlayStation VR2 is an impressive piece of virtual reality technology, but it lacks killer apps outside of Horizon: Call of the Mountain. New game releases for the headset have been slow since its February 2022 launch, which is likely why the $550 headset has underperformed. Sony has opted to mainly relegate PSVR2 to State of Plays or PlayStation Blog posts, but it needs to revitalize excitement for the platform by giving some of its games a spotlight in a big PlayStation Showcase.

Hopefully, there’s more on the way in terms of new AAA VR exclusives from first-party studios, as well as much-demanded ports like Half-Life: Alyx. Already announced PSVR2 games like Journey to Foundation and Synapse could also use release dates. A PlayStation Showcase is the perfect time for Sony to put out a clear road map for PSVR2’s future game library, just as the September 2021 PlayStation did for PS5. Give me a reason to strap on that headset yet again.
Flesh out the system’s 2023 exclusives lineup
PS5 needs a strong lineup for this fall as well. With the exception of Marvel’s Spider-Man 2, things look pretty barren for PS5 this year after the launch of Final Fantasy XVI. Several previously announced PS5 games still lack concrete release dates and could arrive in the second half of this year. It’d be nice to get a clearer picture of Sony’s PS5 game lineup for the rest of the year; hopefully, it includes titles like Stellar Blade, the Silent Hill 2 remake, Lost Soul Aside, Death Stranding 2, and Final Fantasy VII Rebirth.

Read more