Microsoft is no stranger when it comes to using bug bounty schemes to monitor security issues, as well as other problems regarding its software and services. Now an Xbox bug bounty scheme has been introduced by the company, promising payouts of up to $20,000 to anyone discovering vulnerability.
The specific aim of this bounty program is to identify problems with the Xbox Live network and services. The scheme suggests that gamers, security researchers and people who report issues will be paid depending on the severity and impact of the vulnerability, as well as the quality of the submission.
The types of impact included in the program are remote code execution, privilege enhancement, security features bypass, disclosure of information, spoofing, and tampering, each with its reward levels. Denial of service attacks is, of course, not included in the scope of the programme.
You will need to discover a vulnerability that allows remote code execution of critical severity, and provide a high-quality report to qualify for the highest-paying reward. Elevation of privilege vulnerabilities can provide up to $8,000. In the meantime, issues of moderate and low severity are not eligible for any award.
Full details of the rules and eligibility for the bounty program can be found here.