OpenAI Launches Bug Bounty Program
OpenAI, the artificial intelligence (AI) company behind ChatGPT, has announced the launch of a bug bounty program to combat privacy and cybersecurity concerns. The program rewards security researchers and ethical hackers for identifying and addressing vulnerabilities in OpenAI's technology and company, with cash rewards ranging from $200 for low-severity findings to $20,000 for exceptional discoveries.
OpenAI has partnered with Bugcrowd, a bug bounty platform, to manage the submission and reward process, ensuring a streamlined experience for all participants. The company has also offered safe harbor protection for vulnerability research conducted in compliance with its specific guidelines. OpenAI believes that expertise and vigilance will play a crucial role in keeping its systems secure and ensuring users' security.
The launch of the program comes in the wake of recent bans in different countries on AI technology and concerns about privacy and cybersecurity. On March 20, OpenAI suffered a data breach, which exposed user data due to a bug in an open-source library. The incident highlighted the need for increased security measures and prompted OpenAI to launch the bug bounty program.
The global community of security researchers, ethical hackers, and technology enthusiasts have been invited to participate in the program. OpenAI hopes that the initiative will help to identify and address vulnerabilities in its systems and improve its overall security posture.
The program's rules state that researchers must comply with all applicable laws and regulations, and safe harbor protection is provided for vulnerability research conducted according to OpenAI's guidelines. If a third party takes legal action against a security researcher who participated in the program and followed the rules, OpenAI will inform others that the researcher acted within the program's guidelines. This is because OpenAI's systems are connected with other third-party systems and services.
The launch of the program follows a statement by the Japanese government's Chief Cabinet Secretary Hirokazu Matsuno, stating that Japan would consider incorporating AI technology into government systems, provided privacy and cybersecurity issues are addressed. OpenAI's bug bounty program demonstrates the company's commitment to addressing these concerns and improving its security posture. By inviting the global community of security researchers, ethical hackers, and technology enthusiasts to participate, OpenAI hopes to increase vigilance and expertise, directly impacting the security of its systems and ensuring users' security.