OpenAI Offers Up to $100,000 for Critical Infrastructure Vulnerability Reports

OpenAI has announced major updates to its cybersecurity initiatives. The company is expanding its Security Bug Bounty Program, increasing the maximum reward for critical vulnerability reports to $100,000, up from $20,000 previously.

This enhanced program aims to attract top security researchers worldwide to help identify and fix potential threats before they become major issues.

OpenAI’s commitment to security excellence comes as part of its broader journey toward achieving artificial general intelligence (AGI).

The company believes that maintaining robust security measures is crucial, especially as security threats continue to evolve and become more sophisticated.

Evolving Cybersecurity Grant Program

Beyond the bug bounty enhancements, OpenAI is also evolving its Cybersecurity Grant Program.

Launched two years ago, this initiative has already funded 28 research projects focusing on areas like prompt injection, secure code generation, and autonomous cybersecurity defenses.

The program is now open to proposals for a wider range of projects, with key focus areas including:

• Software Patching: Using AI to detect and patch vulnerabilities.
• Model Privacy: Enhancing resistance against unintended exposure of private training data.
• Detection and Response: Improving capabilities to detect and respond to advanced persistent threats.
• Security Integration: Boosting the accuracy and reliability of AI integration with security tools.
• Agentic Security: Increasing resilience in AI agents against sophisticated attacks.

OpenAI is also introducing microgrants, offering API credits to researchers for quickly prototyping innovative cybersecurity ideas.

This approach invites the broader community to contribute to advancing AI and cybersecurity sciences.

Open-Source Security Research

In addition to grants and bug bounties, OpenAI engages with researchers and practitioners across the cybersecurity community.

The company partners with experts from academic, government, and commercial labs to benchmark skills gaps and obtain structured examples of advanced reasoning in cybersecurity domains.

This collaboration has yielded impressive results, particularly in code security, where OpenAI’s models have demonstrated state-of-the-art capabilities in finding and patching code vulnerabilities.

The Security Bug Bounty Program now includes a bonus promotion period, during which researchers can earn additional bonuses for qualifying reports submitted within specific categories.

 These enhancements reflect OpenAI’s commitment to rewarding high-impact security research that significantly contributes to protecting users and maintaining trust in its systems.

OpenAI has partnered with SpecterOps to conduct rigorous, realistic simulated attacks across its infrastructure.

This continuous adversarial testing helps identify vulnerabilities proactively, enhance detection capabilities, and strengthen response strategies against sophisticated threats.

OpenAI’s expanded security programs reflect its forward-thinking approach to cybersecurity, inviting passionate engineers to join in building the future of secure and trustworthy AI.

As the company progresses toward AGI, its commitment to security remains a cornerstone of its development strategies.

Are you from SOC/DFIR Teams? – Analyse Malware, Phishing Incidents & get live Access with ANY.RUN -> Start Now for Free.