
OpenAI Increases Bug Bounty Payments, Seeks Grant Recipients

Company is looking to invest in five areas of research.

OpenAI has increased its maximum bounty payout for “exceptional and differentiated critical findings” from $20,000 to $100,000.

The company said the increase “reflects our commitment to rewarding meaningful, high-impact security research that helps us protect users and maintain trust in our systems,” and it is expanding its cybersecurity grant program.

With 28 offensive and defensive research projects funded, including secure code generation, autonomous cybersecurity defences, and prompt injection, the company is now soliciting proposals for five new areas of research: 


  • Model privacy: Enhancing robustness against unintended exposure of private training data.

  • Detection and response: Improving detection and response capabilities against advanced persistent threats.

  • Security integration: Boosting accuracy and reliability of AI integration with security tools.

  • Agentic security: Increasing resilience in AI agents against sophisticated attacks.

  • Software patching: Leveraging AI to detect and patch vulnerabilities.


A company statement said: “Achieving our mission requires more than groundbreaking technology. It demands robust, continually evolving security practices. As our models rapidly advance—our technology’s capabilities surpass even where we stood six months ago—our responsibility to strengthen security measures grows proportionally.

“At OpenAI, security is a deep-rooted commitment that strengthens as our models and products advance. We remain fully dedicated to a proactive, transparent approach, driven by rigorous testing, collaborative research, and a clear goal: ensuring the secure, responsible and beneficial development of AGI.”


Dan Raywood

Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
