Microsoft announced a new Xbox Bounty programme today. As part of the programme, security researchers or white hat hackers can help the tech giant identify security loopholes in its Xbox Live network and services. Microsoft would pay up to $20,000 to security researchers for reporting vulnerabilities The Xbox Bounty programme invites gamers, security researchers, and others around the world to help identify security vulnerabilities in the Xbox Live network and services and share them with the Xbox team, the tech giant said in a statement on Thursday.
“The goal of the bug bounty program is to uncover significant vulnerabilities that have a direct and demonstrable impact on the security of Microsoft’s customers,” said the company.
Bug hunters can share the vulnerabilities through Coordinated Vulnerability Disclosure (CVD) and eligible submissions with a clear and concise proof of concept can get rewards of up to $20,000, the official blog notes.
The rewards start at $500 for low-risk bug discovery and go up to the highest amount of $20,000 for critical bug exploitation through remote-code execution.
Microsoft also offers similar programmes for its other services — Microsoft Edge browser, ‘Windows Insider’ preview builds, Office 365, Azure Cloud.
For the Azure bug bounty programme, security researchers can earn up to $300,000.