Valve Paying Hackers To Discover Steam Security Flaws, Over $100,000 So Far


In the day and age of the internet, and as technology only continues to advance, many companies have to worry about hackers getting into their systems for nefarious means. However, there are people out there that help to combat these actions by discovering the security flaws first. This is the case with Valve and their massive digital distribution platform Steam.

According to a recent bounty program that popped up on HackerOne, Valve has been paying “ethical hackers” over the past seven months to discover any potential flaws in the system. Low-risk flaws have a bounty of up to $200, while “critical” ones have a minimum of $1,500. The activity page on the HackerOne website shows that 180 cases have been resolved over the past seven months, leading Valve to pay a total of $109,600 so far. Here’s the company’s security philosophy:

“Valve recognizes how important it is to help protect privacy and security. We understand that secure products and services are critical in establishing and maintaining trust with our users. We strive to consistently deliver secure and enjoyable experiences in all of our products and services.

Security includes everyone. Our Steam users, our developers, third party software developers and the security community. Working together we can all make Steam and the Internet safer.

Security of our networks and services is important for us and for you. We take it seriously. If you are a Steam user and have a security issue to report regarding your personal Steam account, please visit our Support site. This includes password problems, login issues, suspected fraud and account abuse issues.

We are running this HackerOne bounty program to reward researchers for identifying potential vulnerabilities. Please review the following guidelines detailing the rules of this bug bounty program. Only research following these guidelines will be eligible for a bounty.”

The scope of the program doesn’t just cover Steam, but also many other Valve properties. It includes the company’s titles, several servers, and the websites for CS:GO, Dota 2, and Team Fortress 2. What it doesn’t include, however, are bugs, glitches, and the like. However, there is plenty of fine print to guide those attempting to help. Keep it tuned to Don’t Feed the Gamers as this story develops, and for other gaming news going on right now, check out the following:

What say you, gamers? Do you have what it takes to help Valve with any security flaws it may have hiding in the shadows? Are you glad to see the company taking this kind of measure when it comes to security? Sound off in the comments section below, and be sure to follow DFTG on Twitter for live gaming and entertainment news 24/7!

Eric Garrett1467 Posts

Eric is an editor and writer for Don't Feed the Gamers. When he is not staring at a computer screen filled with text, he is usually staring at a computer screen filled with controllable animations. Today's youth call this gaming. He also likes to shoot things. With a camera, of course.


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.


Welcome! Login in to your account

Remember me Lost your password?

Lost Password