Data Security

Microsoft paid over $2M USD in its vulnerability bounty program last year

According to the authors of the book Learn ethical hacking, Microsoft paid more than $2M USD to security experts who participated in its vulnerability bounty program during 2018. Experts from the International Institute of Cyber Security (IICS) report that the software company’s plans focus on extending this rewards program by implementing a series of improvements that will significantly contribute to the cybersecurity community.

This expansion will begin with the Cloud,
Windows and Azure DevOps programs, which will award rewards at the end of the
replay and evaluation of each shipment rather than waiting until a final
solution has been determined.

According to the authors of the book Learn
ethical hacking, reducing the time from the presentation to the determination
of rewards, Microsoft
will help researchers to make gains in reduced times, which should encourage
them to follow Working in the area of ethical hacking; This measure could even
contribute to adding more investigators to this cause.

The company announced a series of measures for improving
bounty program, including:

  • Increased
    vulnerability bounties at Github
    platform
  • European
    Union participation in program financing, to improve open source software
  • Launch
    of an HP printer vulnerability bounty program

The authors of Learn ethical hacking mention
that Microsoft has also formed an alliance with HackerOne, a platform that will
handle the processing of reward payments, making this process really efficient.
This security platform, operated by highly trained hackers, will also include
new payment options, including bank transfers in more than 30 different
currencies, and payments via PayPal.

Microsoft will also increase rewards payments.
For example, the Windows Insider Preview bounty will increase from $15k USD to $50k
USD; on the other hand, Cloud Bounty for Azure and Office 365, will increase
from $15k USD to $20k USD, according to the authors of Learn ethical hacking.

To Top

Pin It on Pinterest

Share This