PlayStation’s Senior Director of Software Engineering, Goeff Norton, made the announcement on the official PlayStation blog yesterday, stating that “the security of our products is a fundamental part of creating amazing experiences for our community.”
The program is in collaboration with HackerOne and will cover breaches to the PlayStation 4 operating system, accessories, and the PlayStation Network (PSN). A critical bug on the PSN will pay from $3,000, a high-severity bug $1,000, medium severity $400, and low severity $100. Payouts are bigger on the PS4, with a minimum reward of $50,000 for critical reports. High severity reports will go for $10,000, medium severity $2,500, and low severity $500.
So far Sony has paid a total of $173,900 in bounties, with the average falling at $400. It is not currently paying for bugs found on earlier PlayStation models, the PS Vita, PSP, or software published by third-party companies.
You can find more information about the exact details of the program and eligibility at PlayStation’s HackerOne page.