After many speculations, Riot Games is still confident with their VALORANT’s new anti-cheat solution Vanguard and now they are offering big cash to anyone who can find any vulnerability in it.
For Riot Games’ newest title VALORANT, they have introduced a new anti-cheat solution called Vanguard. Even before the beta release, Riot Games was very confident in their new anti-cheat solution until users found some serious issues in it.
Vanguard currently has a kernel-mode driver that starts upon computer boot. On top of that, a PC restart is also needed after installing Vanguard. As a result, the gaming community went ham against Riot Games due to concern over their privacies. Many YouTubers published videos on why you should not install VALORANT and there are also many Reddit threads about is as well.
But, Riot Games was very vocal about their security concerns and they were posting blog after blog defending their new anti-cheat solution. Even today, Riot Games’ Security Team published a blog post regarding Vanguard’s security and privacy. They said, “we wouldn’t work here if we didn’t deeply care about player trust and privacy and believe that Riot feels the same way.” “We’re players just like you, and we wouldn’t install programs on our computer that we didn’t have the utmost confidence in.” they added.
In that article, they have discussed Riot Vanguard’s Philosophy and Architecture. They have also announced that they are creating a special scope where you can earn big cash if you are able to find any vulnerability in Vanguard.
How to submit vulnerabilities and get rewarded for it
First of all, you can not publicly disclose any vulnerabilities you find otherwise you will be ineligible for the rewards or bounties. Riot Games is offering special bounties for Vanguard whereupon valid reporting you can get a minimum reward of $250 and up to $100,000 for high-quality reports.
Vanguard’s Special Bounties are:
|Network attack with no user interaction||Code execution on the kernel level||$100,000|
|Unauthorized access to sensitive data||$75,000|
|Network attack requiring user interaction (1 click)||Code execution on the kernel level||$75,000|
|Unauthorized access to sensitive data||$50,000|
|Local attack for privilege escalation||Code execution on the kernel level||$35,000|
|Unauthorized access to sensitive data||$25,000|
Eligibility Requirements for Vanguard Bounties
- The exploit works on the latest version of Vanguard
- You must provide a working proof of concept for the exploit that can be run by Riot Games along with a detailed report
- The exploit hasn’t been shared elsewhere before
- The findings are not disclosed outside of this program without the explicit approval of Riot Games
For detailed information, you can visit their HackerOne page. If you are able to find any valid vulnerabilities, you can contact them through Riot’s private bug bounty program on HackerOne. Or directly email them which is given on their blog post.
- Read More: VALORANT weapon tier list for new players
In the past, Riot Games rewarded security researchers with almost two million dollars in bounties. And for VALORANT they creating higher bounties. With this bounty announcement, it is very clear that Riot Games is still very confident with their new anti-cheat solution Vanguard.