OpenAI announces a bug bounty program, providing a bug bounty ranging from $200 to $20,000

Today, OpenAI officially announced a collaboration with a platform to launch a bug bounty program, inviting security researchers to actively discover and report potential vulnerabilities.

Similar to other bug bounty initiatives, submitted vulnerabilities will be assessed by officials, with rewards allocated based on the severity of the threat. Confirmed vulnerabilities will garner a minimum reward of $200, with those posing serious risks earning up to $20,000.

Photo by Andrew Neel on Unsplash

Although OpenAI can research artificial intelligence technology, security vulnerabilities are inevitable, and it is impossible for a team to thoroughly address every security flaw. In light of this, OpenAI has opted to invest in external researchers to help minimize system vulnerabilities and avoid severe repercussions down the line.

The recently launched bug bounty program’s success remains to be seen, but it is expected that OpenAI will disclose some of the resolved vulnerabilities in the future.

Eligible vulnerabilities for submission and reward mainly pertain to those that compromise OpenAI’s infrastructure, such as exploiting flaws to infiltrate systems and steal data. However, issues related to ChatGPT conversations, like using prompts to induce ChatGPT to write malicious code, are not considered vulnerabilities.

If ChatGPT prompt words are employed to bypass security measures and infiltrate systems, this may create safety concerns and can be submitted for review. Interested researchers may visit the bug bounty page to view specific security guidelines.