Near the end of a console cycle is a strange time to open up bug bounty programs to the public. But that’s exactly what Sony has done. The company has announced one for the PlayStation 4 and the PlayStation Network (PSN). To be clear, the bug bounty program has been around for awhile. A year, in fact. And it’s only now that it’s open to the public.
As part of the now open bug bounty program, the company is working with HackerOne. As part of the program, Sony is paying between US$100 (~RM428) and US$50000 (~RM214075), maybe even more, depending on the severity of the discovered bug. Eligible bug hunting grounds include the PS4 console itself, its accessories, its operating system, PSN, and related websites.
According to ZDNet, Sony is the last of the three console makers to launch their bug bounty programs. Nintendo launched its own back in 2016, albeit for the 3DS. Microsoft was also quite late to the party, launching its bug bounty program earlier in the year. That said, the latecomer is also offering the biggest payouts of the three.
The major Nintendo breach earlier in the year may have been a strong incentive for Sony to open up its bug bounty program. The PlayStation platform itself is not exactly free of issues, as it experienced a major security breach back in 2011. And although it took awhile, the company finally implemented 2FA for PSN accounts.