Xbox will give you up to $20,000 for finding bugs

This week, Microsoft introduced an exciting initiative to help identify bugs within the Xbox Live network. Gamers and researchers can earn between $500 and $20,000 if they successfully report vulnerabilities in the system.

Xbox CEO Phil Spencer will hope to have fewer bugs within his company’s network as he prepares for a busy decade ahead. Photo: Xbox

A lot to cover

Microsoft shares that the bounties will be awarded at the discretion of the company. They will be based on the quality, severity, and impact of the submission.

Examples of vulnerabilities that can lead to rewards if found include:

  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF)
  • Insecure direct object references
  • Insecure deserialization
  • Injection vulnerabilities
  • Server-side code execution
  • Significant security misconfiguration (when not caused by the user)
  • Demonstrable exploits in third-party components (requires a full proof of concept (PoC) of exploitability)

The tech giant states that there are no restrictions on the number of qualified submissions an individual can make. However, if it receives multiple reports for the same bug from different people, it will award the bounty to the first complete submission.

Reports have to be submitted to the Microsoft Xbox team through Coordinated Vulnerability Disclosure (CVD).

Microsoft is showing its intent to deliver fresh gaming services this decade. Projects such as xCloud are set to give the firm new ground in the market. Photo: Xbox

Responsible approach

Chloé Brown, program manager at the Microsoft Security Response Center, spoke about how her company seeks to deliver a gaming service that is secure for its users.

“Since launching in 2002, the Xbox Network has enabled millions of users to share their common love of gaming on a safe and secure service,” she shared on Microsoft’s website.

“The bounty program supplements our existing investments in security development and testing to uncover and remediate vulnerabilities which have a direct and demonstrable impact on the security of Xbox customers.”

Brown went on to state that a bounty program is an effective way to produce a secure ecosystem to play in. These projects combine well with internal tests, private programs, and knowledge shared by the firm’s partners.

With heavy investment going into the launch of the Xbox Series X, Microsoft will want to make sure that its online service is fully secure ahead of the release. Photo: Xbox

Strong incentives

This process is similar to the way other corporations such as Amazon try to reduce vulnerabilities. A few months ago, the Jeff Bezos-owned company offered two researchers $60,000 after they hacked into an Amazon Echo.

With a lot of money at stake, people will be more inclined to help companies with their targets. Initiatives such as these can help protect against a wider range of issues even after a company does the best it can to reduce them.

With Microsoft looking to regain a better presence within the gaming industry this decade, it will want to ensure that its security is foolproof.

Do you think Microsoft’s approach to tackling bugs will be effective? Let us know your thoughts in the comment section.

