The maximum bug bounty rewards for “exceptional and differentiated” critical security vulnerabilities, from$ 20, 000 to$ 100, 000, has been increased fivefold, according to the artificial intelligence company OpenAI.
400 million people use OpenAI’s companies and platforms every year, according to OpenAI, across businesses, businesses, and governments around the world.
The company announced that” we are significantly increasing the maximum bounty payout for exceptional and distinctive critical findings” to$ 100, 000 ( previously,$ 20 000 ).
This increase “reflects our dedication to satisfying high-impact, substantial protection research that aids us protect users and uphold trust in our systems.”
In what it referred to as “limited-time promotions,” OpenAI may even offer bounty bonuses for eligible reports within certain categories as part of its continued efforts to expand its bounty , program, and reward high-impact security research.
Researchers who submit eligible reports within certain categories will be eligible for more bounty bonuses during promotional periods, it added.
For instance, OpenAI has a maximum reward of$ 13,000 available until April 30 when security researchers report Insecure Direct Object Reference ( IDOR ) vulnerabilities in its infrastructure and products.
In April 2023, OpenAI , offering up to$ 20,000 to researchers who report bugs, vulnerabilities, or security flaws to its product line using Bugcrowd’s crowdsourced security platform.
Model safety concerns, according to the company, are beyond the scope of ChatGPT users ‘ jailbreaks and safety passes, to trick the chatbot into disregarding security measures put in place by OpenAI professionals.
One month after a bug in the Redis customer open-source catalogue of OpenAI’s platform was discovered, ChatGPT transaction data leak was discovered, the company unveiled its bug bounty program.
According to what was discovered then, this bug led to the ChatGPT service exposing chat queries and personal data ( subscriber names, email addresses, payment addresses, and partial credit card information ) for roughly 1.2 % of ChatGPT Plus subscribers.
Discover the top 10 MITRE ATT&, CK strategies behind 93 % of problems and how to protect against them based on an analysis of 14M harmful behavior.