OpenAI has rolled out a Bug Bounty Program to help it find bugs in its artificial intelligence systems.
The popular AI company says it is launching a program aimed at paying users to report faults, glitches, bugs or security issues on its systems such as the popular ChatGPT chatbot.
No ad to show here.
This will mean users get to pin point flaws and the company pays for the constructive critic.
“OpenAI’s mission is to create artificial intelligence systems that benefit everyone. To that end, we invest heavily in research and engineering to ensure our AI systems are safe and secure. However, as with any complex technology, we understand that vulnerabilities and flaws can emerge.” the company wrote in its blog post.
“We are excited to build on our coordinated disclosure commitments by offering incentives for qualifying vulnerability information. Your expertise and vigilance will have a direct impact on keeping our systems and users secure.”
Bug Bounty Program
Users will be paid for their valuable insights to keep AI safe and secure.
OpenAI has partnered with Bugcrowd, which will assist OpenAI in managing submissions as well as the reward process.
OpenAI will be offering cash rewards based on the severity and impact of the reported issue.
The rewards range from $200 for low severity findings up to $20 000 for exceptional discoveries.
How to report issue
Users can submit their report here
Users must be authorized to perform testing in compliance with the policy.
Users must promptly report any bugs
Refrain from disrupting any systems or affect user experience.
Keep vulnerability details confidential until authorized for release by OpenAI’s security team which aims to provide authorization within 90 days of receiving the report.
Do not use data belonging to others, including confidential OpenAI data. Should a bug expose such data, users are asked to stop testing and submit the report, and delete all copies of the information.
Interact only with own user accounts, unless authorized by OpenAI.
Disclosure to OpenAI must be unconditional. Users are urged to not engage in extortion, threats and other tactics to elicit a response under duress.
IMPORTANT: Do not submit API keys to bugcrowd. The submission will be marked as out of scope and you will lose points. You must submit through the form.