With the recent commotion regarding Facebook’s privacy scandal and a swath of hacks and security breaches, companies doing business online have had their privacy policies and security measures under heavy scrutiny.
Valve, the world’s largest online games retailer, is no different. Now, they’re offering thousands of dollars to whitehat hackers to help find flaws in their security system. These hackers are usually ‘ethical hackers’ who help find vulnerabilities in a system by replicating the intent and actions of malicious hackers.
In exchange for their services, companies pay them bounties for each vulnerability found. In this case, Valve is paying anywhere between 100USD and 3000USD, based on how critical the issue is. With the average bounty being paid out being between 350USD and 500USD.
The current scope of the project includes valve related websites, its Steam client, OS, servers, and Valve games. The current research project seems to be wide ranging, but they do not include game bugs, or exploits. As they are focusing on the security and privacy provided by these sites. These also exclude, Distributed Denial of Service (DDoS) attacks, and spamming, phishing.
As of time of writing Valve has paid out over $100,000 in bounties. More details can be found here.