eWEEK content material and product suggestions are editorially unbiased. We could generate profits once you click on on hyperlinks to our companions. Learn More.
OpenAI is intensifying its cybersecurity efforts, now providing as much as $100,000 for top−influence bug discoveries — a fivefold enhance from its earlier $20,000 most reward. The transfer highlights the AI large’s rising give attention to safeguarding its programs because it advances towards synthetic common intelligence (AGI).
The firm introduced the replace on March 26 as a part of a broader initiative to strengthen its AI programs towards rising threats. The substantial enhance in bug bounty rewards underscores OpenAI’s dedication to safety and its proactive stance to figuring out and mitigating vulnerabilities.
The bug bounty program, run in collaboration with Bugcrowd, has already rewarded 209 submissions since its launch in April 2023.
Bonus incentives for bug hunters
In addition to the elevated payouts, OpenAI is rolling out a limited-time incentive program for safety researchers who submit qualifying reviews. This promotional window runs from March 26 to April 30, 2025, and focuses on entry management vulnerabilities, similar to Insecure Direct Object Reference (IDOR), with rewards now starting from $400 to $13,000.
Expanding cybersecurity analysis and protection
The bounty program improve is only one piece of OpenAI’s bigger cybersecurity technique. The firm can also be increasing its Cybersecurity Grant Program, which funds analysis into AI safety. Since its inception two years in the past, this program has supported 28 analysis initiatives, addressing key areas like safe code era, immediate injection vulnerabilities, and autonomous cybersecurity defenses.
OpenAI is now widening the scope of grant functions to incorporate:
- Software patching: Using AI to detect and repair vulnerabilities.
- Model privateness: Enhancing safeguards towards unintended knowledge publicity.
- Threat detection and response: Improving defenses towards superior cyber threats.
- Security integration: Strengthening AI’s function in safety frameworks.
- Agentic safety: Increasing AI resilience towards refined assaults.
Additionally, OpenAI is introducing microgrants within the type of API credit. These grants will assist safety researchers rapidly prototype new cybersecurity options.
AI-powered cybersecurity and purple teaming
OpenAI is just not solely counting on exterior researchers to check its programs; the corporate can also be leveraging its AI expertise to detect and reply to cyber threats in actual time.
To additional bolster its safety posture, OpenAI has partnered with SpecterOps, a cybersecurity analysis agency specializing in adversarial testing. Through “continuous adversarial red teaming,” OpenAI is simulating real-world assaults on its company, cloud, and manufacturing environments to determine and patch vulnerabilities earlier than they are often exploited.
With 400 million weekly energetic customers, OpenAI’s dedication to cybersecurity is important for guaranteeing the protection and trustworthiness of its expertise. By enlisting moral hackers, researchers, AI-driven defenses, and providing increased bug bounties, OpenAI is taking important steps to remain forward of rising threats.
