Microsoft has initiated a bug bounty program, especially for the Xbox Live community and services, and it is paying bug hunters up to $20,000. Like every other bug bounty program, the payout depends on the security vulnerability’s severity and starts at $500.
Security holes that leave the Xbox Live network vulnerable to spoofing attacks can earn researchers as much as $5,000, for instance. Remote code execution ventures pay the most — from $10,000 to $20,000 — as long as they’re beforehand unreported vulnerabilities discovered in the latest model of Xbox Live.
Those who want to ship in a submission must embrace reproducible steps to be able to claim a reward. And while the program covers fairly a few different types of vulnerabilities, some things are out of scopes, such as DDoS points and URL Redirects.
The Xbox Live program is, however, one of the bug bounty programs Microsoft is working for its products and services. A few of them have a reward cap of $15,000, but the most excellent program total promises as much as $300,000 for the most severe vulnerabilities found within the company’s Azure cloud computing services.