Friday, Dec 6
Microsoft Bounty Programs
Friends, hackers, researchers! Want to help us protect customers, making some of our most popular products better? And earn money doing so? Step right up…
Microsoft is now offering direct payments in exchange for reporting certain types of vulnerabilities and exploitation techniques.
In 2002, we pioneered the Trustworthy Computing initiative to emphasize our commitment to doing what we believe best helps improve our customers’ computing experience. In the years since, we introduced the Security Development Lifecycle (SDL) process to build more secure technologies. We also championed Coordinated Vulnerability Disclosure (CVD), formed industry collaboration programs such as Microsoft Active Protections Program (MAPP) and Microsoft Vulnerability Research (MSVR), and created the BlueHat Prize to encourage research into defensive technologies. Our new bounty programs add expanded depth and flexibility to our existing community outreach programs. Having these bounty programs provides a way to harness the collective intelligence and capabilities of security researchers to help further protect customers.
As of November 2013, Microsoft has expanded the participant pool for the Mitigation Bypass Bounty and the BlueHat Bonus for Defense. Program participants can now include responders and other individuals and organizations who turn in novel mitigation bypass techniques that they see used in attacks in the wild.
The following bounty programs launched on June 26, 2013:
Want to know more?
Trustworthy Computing's Mike Reavey, Jonathan Ness, and Katie Moussouris introduce new bounty programs for security researchers.
About the Program
Microsoft Security :: Security Vulnerability | Report a Vulnerability | MSRC:
BlueHat v13 is Coming
Friday, Dec 6