Microsoft Xbox Bounty Program to offer $20000 when you identify vulnerabilities and bugs

Xbox Logo
Xbox Logo

Xbox Logo

Microsoft Xbox has announced a new bug bounty program in an attempt to use the public’s help to identify critical bugs in the Xbox software ecosystem. The bounties will be decided according to the severity of the bug, its security impact and the quality of report submitted by the researcher (bounty hunter).

Many companies have announced bug bounty programs in the past as a way of finding critical problems in their software systems. In this program, there are multiple tiers of security impacts, from Remote Code Execution to Tampering. Each security impact has its bounty rewards decided by its severity ranging from critical to low and three levels of report quality.

To qualify for an eligible submission, a researcher must identify a previously unreported vulnerability that can be reproduced in that latest, fully patched version of Xbox Live network and services at the time of submission. The report must also include clear, concise, and reproducible steps, either in writing or in video format.

Some examples offered by Microsoft for vulnerabilities include Cross site scripting (XSS), Cross site request forgery (CSRF), Insecure direct object references, Insecure deserialization, etc. Those interested in providing submissions may do so using the MSRC Submission portal, following the recommend …

Source: Fonearena

About the Author

Jervie David Montejar
Pinoy Blogger, developer, foodie, self-proclaimed photographer and big anime and otaku fan. Likes RPG and action video games.

Be the first to comment on "Microsoft Xbox Bounty Program to offer $20000 when you identify vulnerabilities and bugs"

Leave a comment

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.