Valve has started a bug bounty program, offering hackers cash rewards for identifying vulnerabilities across its various properties. Alongside the general Steam application, these rewards stretch across apps within Steam, Valve-owned web domains and the publisher’s own games.
Bug bounty programs aren’t a new concept, with Valve publicly joining Twitter, Nintendo and Microsoft in offering rewards to white hat hackers for successfully reporting security flaws within its platforms, via PCGamesN. Although its HackerOne board only came to light recently, its seems that Valve has conducted this practice for over seven months’ prior.
Based on a number of criteria including CVSS score, ethical hackers can earn anywhere from a minimum of $100 to a maximum breaching $2,000. At the time of writing, $109,600 has been paid out to the bounty hunters, with the average pay out falling between $350 to $500.
Despite being titled a “bug bounty program,” including games such as Team Fortress 2, CS:GO and Dota 2 sites, Valve notes that “game bugs, glitches or gameplay exploits are not part of the bug bounty program, but can still be submitted on our Support site.”
This seems to be a part of a platform-wide relaunch ahead of the reveal of new titles it has in the works. Although the website redesign went live briefly before being pulled, rumours claim that Valve will also be renovating its Steam UI.
KitGuru Says: The sheer amount of effort does indicate that Valve has something specific in the pipelines, and Steam’s UI could do with a bit of polish. What would you like to see from the publisher?