Tuesday, September 17, 2024
HomeBug BountyBug Bounty Program: Microsoft Rewarded $13.8M for 345 Security Researches

Bug Bounty Program: Microsoft Rewarded $13.8M for 345 Security Researches

Published on

Microsoft Bug Bounty Program awarded $13.8M for their collaboration with over 345 security researchers from +45 countries around the world between July 01, 2023, to June 30, 2023.

Bug Bounty Programs authorize independent security experts to report bugs to a company in exchange for rewards or compensation. 

These bugs can include security exploits, vulnerabilities, process issues, hardware flaws, etc. It is also known as a vulnerability rewards program (VRP).

- Advertisement - EHA

Bug bounty programs allow companies to leverage the hacker community to improve their systems’ security posture over time.

Larger companies, including Apple, use bug bounty programs as a part of their security program.

These programs have access to a larger number of hackers or testers, thereby increasing the chances of finding bugs before malicious hackers attempt to exploit them.

The bounty programs are spread across cloud, platform, and Defense & Grant programs such as Microsoft Azure, Xbox, Microsoft Dynamics 365 and Power Platform, M65, and more.

Each program has its own scope, eligibility criteria, award range, and submission guidelines.

Bug Bounty Program in the Past 12 Months

  • Intune Bug Bounty research invitation challenge July 2022
  • New high-impact research scenarios added to the Microsoft 365 Insider Builds on Windows Bounty Program January 2023
  • Microsoft Teams Preview Bug Bounty research invitation challenge January 2023
  • New Bing Bug Bounty research invitation challenge March 2023
  • New severity classification for Online Services added to the Microsoft 365 Bounty Program April 2023
  • New scope added to the Identity Bounty Program June 2023
  • Secure boot research scenarios added to Windows Insider Preview Bounty Program July 2023

“In the coming year, we will continue to improve our programs based on your feedback. We appreciate our global security research community for their ongoing partnership and for sharing their expertise to help secure millions of Microsoft customers.

We look forward to strengthening our existing relationships and building new ones”, said the Microsoft Bug Bounty Team.

Keep informed about the latest Cyber Security News by following us on GoogleNews, Linkedin, Twitter, and Facebook.

Latest articles

North Korean Hackers Attacking LinkedIn Users to Deliver RustDoor Malware

North Korean hackers have been identified as targeting LinkedIn users to deliver sophisticated malware...

Creating An AI Honeypot To Engage With Attackers Sophisticatedly

Honeypots, decoy systems, detect and analyze malicious activity by coming in various forms and...

Key Russian Hacker Group Attacking Users With .NET Built Ransomware

The Russian ransomware group Key Group, active since early 2023, is targeting organizations globally,...

Chinese Hackers Charged for Multi-Year Spear-Phishing Attacks

Song Wu, a Chinese national, has been indicted on charges of wire fraud and...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

North Korean Hackers Attacking LinkedIn Users to Deliver RustDoor Malware

North Korean hackers have been identified as targeting LinkedIn users to deliver sophisticated malware...

Creating An AI Honeypot To Engage With Attackers Sophisticatedly

Honeypots, decoy systems, detect and analyze malicious activity by coming in various forms and...

Key Russian Hacker Group Attacking Users With .NET Built Ransomware

The Russian ransomware group Key Group, active since early 2023, is targeting organizations globally,...