Microsoft and Xbox are the two biggest brands in the tech industry and we were lucky to hear about the launch of an Xbox bug bounty program by Microsoft at the end of January. They’re paying almost $20,000 if someone spots or digs out a security vulnerability of the Xbox.
Being a widely known brand throughout the world, Microsoft is trying to make the Xbox an even safer platform. Also, the experience of Microsoft with other bounty bug programs has been encouraging. Microsoft’s Launch study now states:
“The Xbox Bounty program is now an invitation to players, security researchers and others across the globe to identify the vulnerabilities in the Xbox Live network and to assist services and the Xbox team. Successful and Qualified submissions will get bounty rewards up to $500 to $20,000.”
$ 500 to $ 20,000 per vulnerability
The size of the incentive depends on whether the recorded vulnerabilities are graded as serious, high or low in their use, and on the form of potential circumvention and catastrophe.
Also, it is important to note that all the security holes are not rewarded by Microsoft. You’d get all the exceptions in a detailed list and they’re found in the support document for the Bug Bounty Program. These are bugs that are used for classic cheat software.
The company has invited almost everyone to dig out and join the search for security holes. Consequently, the transmission is quite easy. A ‘high-quality report’ will give you all the necessary information and the company can actually react to the problems in a jiffy.
All the information should be provided with a “high-quality report” that allows the company to rapidly replicate, understand and then correct the problem reported. It involves a report or a video containing the necessary background details, an error summary and an accompanying proof of concept (PoC).