Security researchers rejoice! OpenAI says it is increasing its bounty payout for “exceptional and differentiated critical findings” from $20,000 to $100,000. By increasing the bounty five-fold, OpenAI ensures it’s able to attract the best talent to inspect its products and services to identify issues.
Commenting on the increase, OpenAI said:
“This increase reflects our commitment to rewarding meaningful, high-impact security research that helps us protect users and maintain trust in our systems."
In addition to increased bug bounties, OpenAI announced time-limited bonus payments. According to the OpenAI Bug Bounty Program page, the bonuses are available until April 30, 2025. They apply to P1-3 access control vulnerabilities called IDORs. The previous bonus bounty range was $200-$6500, but now it’s $400-$13000.
Aside from better payouts, OpenAI has also decided to expand its Cybersecurity Grant Program to fund more projects. It is also awarding more microgrants in the form of API credits so that researchers can test out their new cybersecurity ideas and experiments. The ChatGPT maker said that for grants, it is prioritizing software patching, model privacy, detection and response, security integration, and agentic security.
Additionally, OpenAI has been using its AI technologies to help with threat detection and response. These AI security agents that it has developed are equipping its security teams “with precise, actionable intelligence necessary to counter sophisticated cyberattacks.”
OpenAI hasn't stopped at just these updates as part of its announcement. The company has partnered with SpecterOps to conduct realistic simulated attacks on its infrastructure to identify vulnerabilities. Furthermore, it said security is important for the Stargate project and is working with partners to adopt zero-trust architectures and hardware-backed security solutions.
Security researchers interested in nabbing the higher bug bounties can get started by heading over to the OpenAI Bug Bounty Program page to learn what the company is looking for. You can also read OpenAI’s announcement to dig deeper.
1 Comment - Add comment