Comments
Microsoft on Thursday announced a bug bounty program for its Xbox Live network and services, whereby the tech giant will pay a bounty of up to $20,000 for detecting bugs in its Xbox Live network.
“The Xbox Bounty Program invites gamers, security researchers, and others around the world to help identify security vulnerabilities in the Xbox Live network and services and share them with the Xbox team. Qualified submissions are eligible for bounty rewards of $500 to $20,000,” Microsoft had said in an official statement.
Techies around the globe can perform individual testing of Microsoft’s fully patched version of the Xbox Live network and services. If at all they detect a bug in the network, they can submit their findings to the company and earn a hefty bounty of up to $20,000 if the submission is found relevant.
However, there’s a catch. The testing process must be reproducible. The tester will have to submit “clear, concise, and reproducible steps, either in writing or in video format” to claim the bounty.
The amount will differ based on the type of vulnerability and the severity of the same. The user, for example, will receive a $20,000 bounty for detecting severe issues with the system’s remote code execution. Vulnerabilities that lead to severe tampering with the network are worth $5,000. Microsoft has detailed the types of vulnerabilities and the specific bounties for the same on its website. DDoS issues and URL Redirects that generate significant traffic, however, are out of scope.
Users can also submit vulnerabilities on a case-by-case basis. Whoever detects a bug in the network, relevant enough for the program, can submit the necessary details using the MSRC Submission portal on the company’s website.
This is not the first time that Microsoft has provided a chance for techies to earn big through its bug bounty program. The company is already running a number of similar programs for its other products and services. Microsoft’s biggest bounty program, meant for detecting vulnerabilities in the company’s Azure cloud computing services, is worth a whopping $300,000, according to an Engadget report.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.