Navigation section
bug bounty
-
Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards
Link Removed In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the...- News
- Thread
- assessment azure bounty program bug bounty cloud services community customer protection duplicate reports hackerone microsoft online services payment processing payments policies research research areas rewards security vulnerability
- Replies: 0
- Forum: Security Alerts
-
Announcing the Microsoft Azure DevOps Bounty program
The Microsoft Security Response Center (MSRC) is pleased to announce the launch of the Link Removed program, a program dedicated to providing rock-solid security for our DevOps customers. Starting January 17, 2019, we’re excited to offer rewards up to US$20,000 for eligible vulnerabilities in...- News
- Thread
- azure devops bounty program bug bounty cloud service code submission collaborative coding community engagement developer community development lifecycle microsoft msrc online services product improvement public acknowledgment recognition rewards security security research software development vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
VIDEO Inside MSRC: Sharing Our Story & Customer Tips
For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...- News
- Thread
- best practices blue teams bug bounty cloud security coordinated disclosure customer tips cybersecurity government programs industry programs microsoft msrc operational security red teams secure code security security conferences security practices security strategy videos vulnerability
- Replies: 1
- Forum: Security Alerts
-
Recognizing Q4 Top 5 Bounty Hunters
We have tabulated the results from April-June 2018. The Top 5 Bounty Hunters for Q4 are now in. As with our list from Q3, we want to recognize both the leaders in payouts and in number of successful submissions. We appreciate the hard work and dedication of the following individuals and...- News
- Thread
- april 2018 ashar javed awards blackhat bounty hunters bug bounty cameron vincent june 2018 marcin towalski microsoft msrc payouts qihoo 360 recognition research security security researchers submissions top 5 vulcan team
- Replies: 0
- Forum: Security Alerts
-
Recognizing Q3 Top 5 Bounty Hunters
Throughout the year, security researchers submit some amazing work to us under the Microsoft Bug Bounty program. Starting this quarter, we want to give a shout out to and acknowledge the hard work and dedication of the following individuals and companies who have contributed to securing...- News
- Thread
- ashar javed awards blackhat usa bug bounty cameron vincent ecosystem kai kang mario gomes microsoft msrc national cyber security centre nick freeman quarterly researchers security submissions suresh chelladuri top 5 yunhai zhang yves jean avenard
- Replies: 0
- Forum: Security Alerts
-
Inside the MSRC – How we recognize our researchers
This is the first of a series of blog entries to give some insight into the Microsoft Security Response Center (MSRC) business and how we work with security researchers and vulnerability reports. The Microsoft Security Response Center actively recognizes those security researchers who help us...- News
- Thread
- acknowledgement awards bug bounty community customer security cve engagement insights microsoft monthly bulletin online services operational security researchers response center security security research security update submissions threat landscape vulnerability
- Replies: 0
- Forum: Security Alerts
-
Announcing the Windows Bounty Program
Windows 10 represents the best and newest in our strong commitment to security with world-class mitigations. One of Microsoft’s longstanding strategies toward improving software security involves investing in defensive technologies that make it difficult and costly for attackers to find, exploit...- News
- Thread
- application guard bounty program bug bounty customer privacy defensive technologies hyper-v insider preview microsoft edge mitigation payments payout range remote code execution research security security bugs software security vulnerabilities windows 10 windows defender windows server
- Replies: 0
- Forum: Security Alerts
-
Bountycraft at Nullcon 2017
Security is a critical component of our products at Microsoft. A strong emphasis on security is a persistent factor throughout our entire development process. Microsoft is committed to designing and developing secure software. Testing is performed both internally and by working closely with the...- News
- Thread
- asia authentication azure bounty bug bounty china cloud services cross site scripting high impact india microsoft mitigations nullcon privilege escalation research community security security program vulnerabilities windows 10 workshop
- Replies: 0
- Forum: Security Alerts
-
Announcing the new Bug Bounty Program for Office Insider Builds on Windows
We’ve engineered Office to be secure by design and continually invest in enhancing its security capabilities. In the spirit of maintaining a high security bar in Office, we’re launching the Bug Bounty Program for Office Insider Builds on Windows. The Office Bug Bounty Program complements our...- News
- Thread
- bug bounty cloud services code execution customer protection early access incentives macros march 2017 microsoft office office insider penetration testing protected view quality assurance reward program security testing updates user feedback vulnerabilities windows
- Replies: 0
- Forum: Security Alerts
-
Announcing a Microsoft .NET Core and ASP.NET Core Bug Bounty
It’s our pleasure to announce another exciting expansion of the Link Removed. Today, we will be adding .NET Core and ASP.NET Core to our suite of ongoing bounty programs. We are offering a bounty on the Windows and Linux versions of Link Removed and ASP.NET Core starting on September 1, 2016...- News
- Thread
- application asp.net core beta bug bounty framework hacking kestrel linux microsoft net core payment penetration testing program rtm security software visual studio vulnerabilities web development windows
- Replies: 0
- Forum: Security Alerts
-
Microsoft Bounty Programs Announce Expansion – Bounty for Microsoft OneDrive
At Microsoft, we continue to add new properties to our security bug bounty programs to help keep our customer’s secure. Today, I’m pleased to announce the addition of Microsoft OneDrive to the Microsoft Online Services Bug Bounty Program. This addition further incentivizes security researchers...- News
- Thread
- announcements bounty programs bug bounty cansecwest customer security expansions incentives microsoft microsoft booth onedrive online services payouts programs research security security researchers submissions tech news vancouver vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
Microsoft Bounty Programs Expansion - Bounty for Defense, Authentication Bonus, and RemoteApp
I am very pleased to be releasing additional expansions of the Link Removed. Please stop by the Microsoft Networking Lounge at Black Hat, August 5-6, to learn more about these programs; or, visit Link Removed. We are raising the Bounty for Defense maximum from $50,000 USD to $100,000 USD. I am...- News
- Thread
- authentication azure active directory black hat bounty programs bug bounty community feedback contest defense bounty las vegas microsoft microsoft account networking lounge online services payouts penetration testing remoteapp research community sdl security research vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
Microsoft Edge: Building a safer browser
With Microsoft Edge, we want to fundamentally improve security over existing browsers and enable users to confidently experience the web from Windows. We have designed Microsoft Edge to defend users from increasingly sophisticated and prevalent attacks. This post covers some of the advanced...- News
- Thread
- browser security bug bounty certificate reputation control flow guard credentials extensions hacking prevention malicious sites memory corruption memory management microsoft edge phishing sandboxing security techniques smartscreen user authentication user experience web security web standards windows 10
- Replies: 0
- Forum: Live RSS Feeds
-
Microsoft Bounty Programs Expansion – Azure and Project Spartan
I am excited to announce significant expansions to the Link Removed. We are evolving the 'Online Services Bug Bounty, launching a new bounty for Project Spartan, and updating the Mitigation Bypass Bounty. This continued evolution includes additions to the Link Removed: Link Removed Azure...- News
- Thread
- azure bounty bug bounty cloud security cloud services critical bugs exploit mitigation hyper-v microsoft mitigation bypass penetration testing project spartan remote code execution sandbox escapes security submission technical preview virtual machines vulnerability research windows 10
- Replies: 0
- Forum: Security Alerts
-
CEO Mark Zuckerberg's Facebook Page Hacked
Researcher uses big Facebook vulnerability to post on Mark Zuckerberg’s wall The user submitted the exploit to the Bug Bounty Program, which, apparently, refused to acknowledge it, and the user then demonstrated the exploit on Mr. Zuckerberg's Facebook profile page. Link Removed To add...- Mike
- Thread
- bug bounty data breach exploit facebook hacking profile access security vulnerability zuckerberg
- Replies: 1
- Forum: Windows Security
-
Windows 7 Facebook Launches Bug Bounty Program
Facebook Launches Bug Bounty Program | threatpost- JMH
- Thread
- announcement bug bounty code injection compromise ddos facebook flaws hack hacking incentives information privacy program report rumors script errors security third-party vulnerabilities
- Replies: 0
- Forum: Windows Security