Sections

Valve offers bounties for Steam bug hunting

Developer and storefront owner has paid out over $108,000 in bounties so far

Valve has joined companies such as Nintendo, Microsoft, Riot Games, and Rockstar Games offering to pay bounties to hackers who find exploits in its sites and services through HackerOne. Already, over $100,000 in bounties have been paid out.

HackerOne is a platform that connects companies with white hat hackers by offering bounties for found bugs reported through the program. Through HackerOne, companies can place limitations on the kinds of exploits hackers are allowed to perform to discover the bugs and where they're authorized to look.

For example, Valve's bounties allow for exploits found on the Steam Client and other Valve websites, but excludes certain third-party-run Valve store sites. Hackers are also asked not to DDoS, social engineer, or spam to discover bugs.

Bugs found in individual games launched through the Steam client should stll be submitted through the Support site and are not eligible for bounties.

The minimum bounty for reporting a qualifying bug to Valve through this program is $100, with payouts up to $2,000 or more for particularly grievous issues. So far, the average bounty range paid out is $350-$500, and the highest bounty paid has been $3,000.

Related stories

Valve advises sexualized anime-themed titles to censor content or be removed from Steam

HuniePop, Mutiny!!, Tropical Liquor and more received warnings today for "pornographic content"

By Rebekah Valentine

SteamVR Input allows for accessibility, more controller support

The system, now in beta, lets users and developers create their own controller configurations

By Rebekah Valentine

Latest comments

There are no comments on this article yet. Why not be the first to post one?

Sign in to contribute

Need an account? Register now.