League of Legends' Creators Unveil Details of Bug Bounty Program

  • 24 November 2014
  • 0 replies
  • 2 views

Userlevel 7
By Eduard Kovacs on November 24, 2014
 
Riot Games, the developer of the popular multiplayer online game League of Legends, has shared some details on its bug bounty program.
The program, powered by the HackerOne platform, was launched in April 2013, but it has been open only to a few security researchers who have helped the company address a total of 75 bugs, exploits and vulnerabilities. So far, Riot Games has rewarded participants with a total of more than $100,000.
The list of vulnerabilities reported until now includes client crash exploits, vision related exploits, and flaws that could potentially be leveraged to impersonate players on forums, the company said.
The bug bounty program covers all Riot services accessible from the Internet and any software developed by the company. The list of eligible issues includes Web vulnerabilities such as cross-site scripting (XSS) and SQL injection, game exploits, and other flaws related to infrastructure security, information disclosure and memory corruption.
Researchers who report vulnerabilities are rewarded based on the severity of the bug. The minimum bounty has been set by the company at $100.
 
 
full article

0 replies

Be the first to reply!

Reply