Microsoft shows unwavering commitment towards the security and protection of its customers. As such, it invites researchers across the globe to identify security vulnerabilities in the software through a program called, Microsoft Xbox Bounty Program.
Microsoft announces Xbox Bounty Program
Microsoft Xbox Bounty Program encourages security researchers to participate in the program and discover vulnerabilities that might have missed the sight of the developers during the gaming software development process.
The Xbox bounty program invites gamers, security researchers, and technologists around the world to help identify security vulnerabilities in the Xbox network and services, and share them with the Microsoft Xbox team through Coordinated Vulnerability Disclosure (CVD). Eligible submissions with a clear and concise proof of concept (POC) are eligible for awards up to US$20,000.
As is clear from the description above, the bounty program revolves around Xbox products. Also, it is important to note that Microsoft will have the sole discretion over the bounties awarded, based on the severity and impact of the vulnerability and the quality of the submission.
Following its launch in 2002, the Xbox network has enabled millions of gaming enthusiasts to share their common love of gaming on a safe and secure service. The bounty program simply supplements the existing investments of Microsoft in security development and testing. This effort will help it uncover and fix vulnerabilities that knowingly or unknowingly bear an impact on the security of Xbox customers.
Public bounty programs are increasingly coming across as a valuable approach to combine internal testing with insights sharing by partners to produce a secure ecosystem to better protect billions of customers worldwide.
The Microsoft Xbox Bounty program will cover the Xbox Live cloud back-end infrastructure. It is subjected to legal terms and conditions.