OpenAI has launched a bug bounty program, paying cash rewards to researchers that discover and report bugs.
Bug bounties are a popular way for companies to find and fix bugs, relying on researchers to help in exchange for payouts. Given the increasing popularity of OpenAI’s ChatGPT, it’s not surprising the company has unveiled a bounty program.
The company announced the program in a blog post:
OpenAI’s mission is to create artificial intelligence systems that benefit everyone. To that end, we invest heavily in research and engineering to ensure our AI systems are safe and secure. However, as with any complex technology, we understand that vulnerabilities and flaws can emerge.
We believe that transparency and collaboration are crucial to addressing this reality. That’s why we are inviting the global community of security researchers, ethical hackers, and technology enthusiasts to help us identify and address vulnerabilities in our systems. We are excited to build on our coordinated disclosure commitments by offering incentives for qualifying vulnerability information. Your expertise and vigilance will have a direct impact on keeping our systems and users secure.
OpenAI says payouts will range from $200 to $20,000:
To incentivize testing and as a token of our appreciation, we will be offering cash rewards based on the severity and impact of the reported issues. Our rewards range from $200 for low-severity findings to up to $20,000 for exceptional discoveries. We recognize the importance of your contributions and are committed to acknowledging your efforts.
OpenAI’s announcement is good news for security researchers, many of whom rely on such programs for a substantial part of their income.
