Microsoft has announced the new Xbox Live Network bug bounty program. The Bug Bounty Program is available to all players, security experts, coders, and anyone genuinely experienced in discovering vulnerabilities in the Xbox Live Network, according to the agency. Microsoft gives you $20,000 in bonuses and Microsoft claims incentives would go higher if the found vulnerability is important enough.
Best incentives are reserved for vulnerabilities such as privilege escalation and remote execution of code on the Xbox Live Network. This will also provide strong proof of the definition of the vulnerabilities and the program’s large base of qualified users indicates that Microsoft is searching for its audience to discover some important weakness its network may have. Flaws such as bypassing security gateways, unsuitable disclosure of information or network tempering are also included in the System but are limited to incentives of up to $5,000.
Ahead of the launch of Microsoft Xbox Series X console and the xCloud game streaming network, all running on the Microsoft Xbox Live Network, the Bug Bounty service comes in. Bounties will be awarded at the discretion of Microsoft depending on the extent and effect of the vulnerability and the application standard, and subject to Microsoft Bounty Terms & Conditions.
For researchers whose findings are not eligible for a bounty award, Microsoft reports that their applications may still be honored in the form of public recognition, given they contribute to a bug patch. All who are looking to join in the program need to sign up on the Xbox Network and are encouraged to build several study profiles. The firm states that having an Xbox console at hand or accessing one of its online subscriptions (Xbox Gold, Project xCloud, Xbox Game Pass) may be useful for testing, but it is not necessary. Also, participants will not be equipped with consoles or payable accounts.