OpenAI's New Security Plan Rewards 'Critical' Bug Discovery

Max Payout for Bug Bounty Program Up From $20,000 to $100,000 Rashmi Ramesh (rashmiramesh_) • March 27, 2025

OpenAI announced a cybersecurity initiative that aims to improve the resilience of its large language models by rewarding the discovery of critical vulnerabilities and improving threat mitigation.

See Also: Capturing the cybersecurity dividend

The Sam Altman-led company raised the maximum payout for its bug bounty program from $20,000 to $100,000 to attract researchers. Launched last April, the program will offer the six-figure sum for "exceptional and differentiated critical findings." It also introduced a limited-time bonus promotion for reports submitted in specific categories, doubling certain payouts to up to $13,000 for priority access control vulnerabilities. The promotion covering "priority 1-3 IDOR access control vulnerabilities on any in-scope target" started on March 26 and runs ...