Think you’ve found a glaring security hole in Xbox Live? Microsoft is interested.
The company announced a new bug bounty program today, focused specifically on its Xbox Live network and services. Depending on how serious the exploit is and how complete your report is, they’re paying up to $20,000.
Like most bug bounty programs, Microsoft is looking for pretty specific/serious security flaws here. Found a way to execute unauthorized code on Microsoft’s servers? They’ll pay for that. Keep getting disconnected from Live when you play as a certain legend in Apex? Not quite the kind of bug they’re looking for.
Microsoft also specifically rules out a few types of vulnerabilities as out-of-scope, including DDoS attacks, anything that involves phishing Microsoft employees or Xbox customers, or