Valve has gotten on the exploit-hunting fashion according to current public releases of documentation from HackerOne, a neighborhood of white-hat hackers that participate in vulnerability manipulation and bug bounty. According to the statistics on Valve’s HackerOne page, $109,600 have been paid out in bounty benefits to individuals that are able to discover and document loopholes, including vulnerabilities and bugs in Steam providers and Valve titles.
The scope of the project is listed as:
Net, dota2.com, teamfortress.com along with sub-domains, excluding domains specifically eliminated in the scope section below
If some of this seems confusing or concerning to you, don’t stress. Lots of companies enlist the assistance of hackers to assist them locate vulnerabilities in their methods; the very best method to fight fire is with fire, after all. Google continues to be paying rewards because 2010, totaling $12 million because the application’s beginning and $2.9 million final year alone. Seeing Valve utilizing ethical hackers to assist them improve their security is really good news.
Basically, domains within the reach of the project are assigned a priority value, and hackers may investigate vulnerabilities or potential breach routes, receiving rewards based off of the priority value of the domain and the intensity of the exposure.
Should you just happen to be an individual with penetration testing experience who wants some excess cash, you can go on over to Valve’s HackerOne webpage to check out the rewards. You can also take a look at recent activity and reports as they happen here on Valve’s cookie action page.