Skip to main content

Sony’s revamped PlayStation bug bounty program offers cash rewards

 

Sony is inviting one and all to hunt down bugs on its PlayStation platform for some potentially big cash payouts.

Recommended Videos

The entertainment giant has actually had a bug bounty program in place for some time, but operated it privately with select researchers. This week’s announcement means the program is now open to everyone, including “the security research community, gamers, and anyone else,” Geoff Norton, Sony’s senior director of software engineering, wrote in a blog post about the expansion.

To facilitate the move, Sony has teamed up with HackerOne, a Silicon Valley company that operates such programs.

Sony wants people to test the security of the PlayStation 4 gaming console and the PlayStation Network digital media entertainment service.

The bug bounty program offers different payment bands linked to the severity of the issue and the quality of the report. Payouts start at $100 for a low-rated vulnerability discovered on the PlayStation Network, with the more valuable bands offering minimum payments of $400, $1,000, and $3,000.

Discover a low-rated vulnerability on the PlayStation 4 and you can expect to receive at least $500, with higher payouts worth a minimum of $2,500, $10,000, and, for the most critical vulnerability, upward of $50,000.

Data shared on HackerOne’s website shows that this particular bug bounty program — prior to it going public this week — has so far paid out $173,900 to researchers who have reported vulnerabilities, with the average bounty worth $400. In the last 90 days alone, the program has paid out $61,000.

HackerOne points out that Sony will only award a bounty to the first researcher to report a previously unreported vulnerability.

Sony: Creating a ‘safer place to play’

“We believe that through working with the security research community we can deliver a safer place to play,” Norton wrote in his post. “I’m happy to announce today that we have started a public PlayStation bug bounty program because the security of our products is a fundamental part of creating amazing experiences for our community.”

Bug bounty programs are common among tech firms as they work to shore up their digital defenses. Google revealed earlier this year that in 2019 it paid out a total of $6.5 million to researchers who found critical weaknesses in its software, with the single biggest payment worth a whopping $201,000.

Interested in getting involved? For full details of Sony’s bug bounty program, check out its listing on HackerOne’s website.

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
PlayStation Network is back online after nearly 24 hours
A screenshot taken from Call of Duty: Black Ops 6.

After first going offline on Friday night, PlayStation Network came back online Saturday evening. The 20+ hour downtime makes it one of the longest PSN outages in history. Despite the PlayStation Status page showing green lights across the board, it took several hours before all services were restored.

Just after midnight on February 9, Ask PlayStation shared a post on X announcing that services had been restored. In addition, "All PlayStation Plus members will automatically receive an additional five days of service," per the message.

Read more
PlayStation Network is still down after more than 12 hours
A soldier fighting a bile spewer in Helldivers 2.

Last night, PlayStation Network went down across the globe — and it's still not back online. The number of complaints about the outage peaked around 7 PM, with more than 14,000 users reporting issues at DownDetector. When the service first went offline, many players assumed it was temporary — perhaps overloaded servers on a Friday night — but you still can't log on, and the outage has revealed more cracks in Sony's network.

Sony posted on X that the company was aware of the outage and suggested players check status.playstation.com for more information. Unfortunately, every single indicator from Account Management to PlayStation Direct is currently offline, and there isn't an estimated resolution time in sight.

Read more
The PlayStation 6 could launch in 2027 according to chipset leak
A PlayStation 5 connected to a TV, showing the Sony Pictures Core interface.

According to a known tipster, the PlayStation 6 chipset is nearly ready for fabrication, with estimates giving it a release window as early as 2027 — as long as current patterns continue. Take the news with a grain of salt, though; none of this is confirmed, and this is one of the earliest supposed leaks we've seen.

User KeplerL2 shared the initial information in a NeoGaf forum post. The estimated release window of 2027 is based on previous Sony trends; each Sony console is released typically two years after entering the fabrication stage. The range also fits the typical seven-year lifespan for Sony consoles. The PS3 dropped in 2006, the PS4 in 2013, and the PS5 in 2020, according to Android Authority.

Read more