Valve cares how important it is to help protect privacy and security. Recognize that safe products and services are critical to establishing and maintaining trust in their users.. They are constantly working to provide safe and enjoyable experiences in all their products and services.
They use the HackerOne reward program to reward people who detect potential security errors. For more detailed information, you can find out by visiting HackerOne. HackerOne can log in and report the security errors you detect.. You can make money.
Valve pays thousands of dollars in cash to anyone who can identify security flaws in Steam and find a potentially critical vulnerability.
The rewards are a program that aims to find security issues before they are detected by hackers. Paid through HackerOne, the “ethical hacker” community. Valve rewards at least $2,000 for a major exploit and up to $200 for detection of a low-risk bug. Scoring is determined by the CVSS score of a defect, which is a common standard. $109,000 has been paid since it was first published on HackerOne.
The level range and amount paid by CVSS scoring for vulnerabilities;
Min-Min
Max -Max Critical – Critical
(CVSS 9.0 – 10.0) High – High
(CVSS 7.0 – 8.9) Medium – Medium
(CVSS 4.0 – 6.9 ) Low – Low
(CVSS 0.0 – 3.9) Minimum
Minimum $1,500 $500 $250 $0 Maximum
Maximum —————— $2,000+ $1,000+ $200
Rewards are accepted purely for detections of security vulnerabilities or bugs. It does not cover normal site interface errors, game bugs or game gameplay errors.. So far, $109,000 has been paid for 180 reports.