It was only a matter of time. OpenAI is launching its own bug bounty program.
In a blog post, the company announced that it is launching a bug bounty program for security experts to test for and report bugs in the company’s APIs, ChatGPT, and more. If you are a developer or security researcher, this is a great time to jump in and try to get paid for all of the issues you may (or have already) found.
OpenAI says that it is “inviting the global community of security researchers, ethical hackers, and technology enthusiasts to help us identify and address vulnerabilities in our systems” and has partnered with Bugcrowd to launch the program, which is now live.
We have partnered with Bugcrowd, a leading bug bounty platform, to manage the submission and reward process, which is designed to ensure a streamlined experience for all participants. Detailed guidelines and rules for participation can be found on our Bug Bounty Program page.
If you’re wondering how much you may get paid for finding issues with OpenAI’s software, the company says that payments can range anywhere from $200 all of the way up to $20,000 depending on the severity of the issue.
To incentivize testing and as a token of our appreciation, we will be offering cash rewards based on the severity and impact of the reported issues. Our rewards range from $200 for low-severity findings to up to $20,000 for exceptional discoveries. We recognize the importance of your contributions and are committed to acknowledging your efforts.
Interested developers and security researchers can apply for the program starting today. According to Bugcrowd, seven vulnerabilities have already been discovered and paid out. The announcement and launch of the program come a day after privacy complaints triggered an investigation into OpenAI from the Office of the Privacy Commissioner of Canada (OPC).