Reward your researchers fairly – try our bug bounty calculator today!

Try our bug bounty calculator

How Ubisoft protects gamers through Intigriti's bug bounty program, creating secure gaming experiences

The challenge

As an established player in the video game industry, Ubisoft faced the challenge of securing their extensive digital ecosystem while ensuring optimal gaming experiences for millions of players worldwide. With numerous games, platforms, and user data to protect, Ubisoft needed a comprehensive security strategy that could scale with their growing portfolio. Their primary concern was protecting gamers' information and maintaining the integrity of their gaming experiences, but they needed a more structured approach to identify vulnerabilities across their vast digital footprint.

The biggest value that I've seen with the bug bounty program is in protecting our gamers—the people who actually buy and play our video games. We want to make sure that we're protecting their information as well as making sure that their gaming experiences are at the highest they can possibly be.

Sean Lawler

Bug Bounty Manager
Ubisoft

The solution

Together with Intigriti, Ubisoft chose to evolve their bug bounty program, transitioning from a closed, private program to a public one with expanded scope. This strategic shift allowed them to leverage the diverse expertise of security researchers worldwide to identify vulnerabilities across their entire portfolio.

Key elements of Ubisoft's approach include:

  • Expanded program scope: Opening their program to include any verifiable Ubisoft asset, giving researchers broad latitude to test and report security issues.

  • Gaming-focused security: Specifically encouraging researchers to dive into game security, an often overlooked specialty.

  • Community engagement: Building relationships with top security researchers who understand their unique ecosystem and security requirements.

The gaming experience is paramount for our customers. We're dedicated to preventing interruptions, stopping cheaters, and protecting streams—anything that could detract from the quality experience players expect when they purchase our games.

Sean Lawler

Bug Bounty Manager
Ubisoft

The result

The expanded bug bounty program has significantly strengthened Ubisoft's security posture while aligning with their core focus on player experience:

  • Enhanced player protection: By proactively identifying and remediating vulnerabilities, Ubisoft better safeguards player data and privacy.

  • Improved gaming integrity: The program helps prevent cheating and other exploits that could undermine fair gameplay and player experience.

  • Specialized expertise: Access to researchers with unique skill sets, including those who understand the specific security challenges in gaming environments.

  • Strong researcher relationships: Building ongoing relationships with top security researchers like hg_real, nijagaw, and bozkurt97 who consistently provide high-quality reports.

Ubisoft

Ubisoft is a leading creator, publisher and distributor of interactive entertainment and services, with a rich portfolio of world-renowned brands, including Assassin's Creed, Far Cry, For Honor, Just Dance, Watch Dogs, and Tom Clancy's video game series including Ghost Recon, Rainbow Six, and The Division.

Industry

Industry

Gaming & Entertainment

Employees

Employees

19.000+

Customers

Global users

138.000.000

Request a demo!

"A pentest is often a mile wide and an inch deep, while a bug bounty initiative is an inch wide and a mile deep—depth over breadth in uncovering hard-to-find vulnerabilities."

David Andersson,
Grafana Security Engineering Manager