eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
OpenAI is intensifying its cybersecurity efforts, now offering up to $100,000 for high−impact bug discoveries — a fivefold increase from its previous $20,000 maximum reward. The move highlights the AI giant’s growing focus on safeguarding its systems as it advances toward artificial general intelligence (AGI).
The company announced the update on March 26 as part of a broader initiative to strengthen its AI systems against emerging threats. The substantial increase in bug bounty rewards underscores OpenAI’s commitment to security and its proactive stance to identifying and mitigating vulnerabilities.
The bug bounty program, run in collaboration with Bugcrowd, has already rewarded 209 submissions since its launch in April 2023.
Bonus incentives for bug hunters
In addition to the increased payouts, OpenAI is rolling out a limited-time incentive program for security researchers who submit qualifying reports. This promotional window runs from March 26 to April 30, 2025, and focuses on access control vulnerabilities, such as Insecure Direct Object Reference (IDOR), with rewards now ranging from $400 to $13,000.
Expanding cybersecurity research and defense
The bounty program upgrade is just one piece of OpenAI’s larger cybersecurity strategy. The company is also expanding its Cybersecurity Grant Program, which funds research into AI security. Since its inception two years ago, this program has supported 28 research projects, addressing key areas like secure code generation, prompt injection vulnerabilities, and autonomous cybersecurity defenses.
OpenAI is now widening the scope of grant applications to include:
- Software patching: Using AI to detect and fix vulnerabilities.
- Model privacy: Enhancing safeguards against unintended data exposure.
- Threat detection and response: Improving defenses against advanced cyber threats.
- Security integration: Strengthening AI’s role in security frameworks.
- Agentic security: Increasing AI resilience against sophisticated attacks.
Additionally, OpenAI is introducing microgrants in the form of API credits. These grants will help security researchers quickly prototype new cybersecurity solutions.
AI-powered cybersecurity and red teaming
OpenAI is not solely relying on external researchers to test its systems; the company is also leveraging its AI technology to detect and respond to cyber threats in real time.
To further bolster its security posture, OpenAI has partnered with SpecterOps, a cybersecurity research firm specializing in adversarial testing. Through “continuous adversarial red teaming,” OpenAI is simulating real-world attacks on its corporate, cloud, and production environments to identify and patch vulnerabilities before they can be exploited.
With 400 million weekly active users, OpenAI’s commitment to cybersecurity is essential for ensuring the safety and trustworthiness of its technology. By enlisting ethical hackers, researchers, AI-driven defenses, and offering higher bug bounties, OpenAI is taking significant steps to stay ahead of emerging threats.