A new program offered by AMD allows security researchers, ethical hackers, and experts within the public to submit bugs in AMD’s hardware, firmware, or software. AMD’s partnership with crowdsourced security service provider Intigriti has allowed them to launch this bug bounty program, making it easier for experts to gain monetary rewards for their skills. This isn’t the first time AMD has set up a bug bounty initiative, however, this time it’s different. Let’s take a closer look.
What does AMD’s Bug Bounty program offer?
The new program has been reported on Tom’s hardware and demonstrates how just about anyone, with the correct set of skills, can make a good amount of money catching bugs. In previous years AMD has offered this type of program, however, it was only to a select group of people. The difference with the current program is that anyone could be involved, meaning researchers, testers, and experts from all types of backgrounds could join, creating a wider pool for AMD to assess issues. It is also possible to submit a report bug directly to AMD independently, via its Product Security Team, however, it is a bit risky as there’s no guarantee you’ll be paid.
There are a number of monetary rewards for this can of work, and these rewards depend on the severity of the bug and its product category. Below is a list of rewards and their respective
Bug Severity | Low | Medium | High | Critical |
---|---|---|---|---|
Hardware | $2,000 | $5,000 | $15,000 | $30,000 |
Firmware | $1,000 | $3,000 | $9,000 | $15,000 |
Software | $500 | $1,500 | $5,000 | $10,000 |
This kind of program is common within the tech world, with many major companies often looking to this type of work to fix widespread customer issues. Bugs are a common issue for companies like AMD, so having a robust bug bounty program is a must. In recent years, AMD has experienced severe BIOS security issues, processors melting in their sockets, and mistaken overclocking limits on the RX 7900 GPUs. Due to the fact that this is a major company that will have customers all over the world, this type of program will help spot issues before they become a larger issue after a product launch.
Being a bug Bunty hunter can lead you to earn large sums of money, meaning it’s quite the sort-after job. Hackers can earn up to 6 figures annually from finding bugs in a company’s system. If this is something you think would suit your skill set then there’s no harm in trying. You may be able to help detect issues and get paid a great deal at the same time.