Navigation section
bug bounty
-
Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards
Link Removed In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the...- News
- Thread
- assessment bounty program bug bounty cloud computing community consumer protection duplicate reports hackerone microsoft microsoft azure online services payment payment processing policies research research areas rewards security vulnerability
- Replies: 0
- Forum: Security Alerts
-
Announcing the Microsoft Azure DevOps Bounty program
The Microsoft Security Response Center (MSRC) is pleased to announce the launch of the Link Removed program, a program dedicated to providing rock-solid security for our DevOps customers. Starting January 17, 2019, we’re excited to offer rewards up to US$20,000 for eligible vulnerabilities in...- News
- Thread
- azure devops bounty program bug bounty cloud computing code submission collaborative coding community engagement developer community development lifecycle microsoft msrc online services product improvement public acknowledgment recognition rewards security security research software development vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
VIDEO Inside MSRC: Sharing Our Story & Customer Tips
For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...- News
- Thread
- best practices blue teams bug bounty cloud security code security coordinated disclosure customer tips cybersecurity government programs industry programs microsoft msrc operational security red team security security best practices security conferences video vulnerability
- Replies: 1
- Forum: Security Alerts
-
Recognizing Q4 Top 5 Bounty Hunters
We have tabulated the results from April-June 2018. The Top 5 Bounty Hunters for Q4 are now in. As with our list from Q3, we want to recognize both the leaders in payouts and in number of successful submissions. We appreciate the hard work and dedication of the following individuals and...- News
- Thread
- april ashar javed awards black hat bounty hunters bug bounty cameron vincent june marcin towalski microsoft msrc payouts qihoo 360 recognition research security security research submission top 5 vulcan team
- Replies: 0
- Forum: Security Alerts
-
Recognizing Q3 Top 5 Bounty Hunters
Throughout the year, security researchers submit some amazing work to us under the Microsoft Bug Bounty program. Starting this quarter, we want to give a shout out to and acknowledge the hard work and dedication of the following individuals and companies who have contributed to securing...- News
- Thread
- ashar javed awards blackhat usa bug bounty cameron vincent ecosystem kai kang mario gomes microsoft msrc national cyber security centre nick freeman quarterly research security submission suresh chelladuri top 5 yunhai zhang yves jean avenard
- Replies: 0
- Forum: Security Alerts
-
Inside the MSRC – How we recognize our researchers
This is the first of a series of blog entries to give some insight into the Microsoft Security Response Center (MSRC) business and how we work with security researchers and vulnerability reports. The Microsoft Security Response Center actively recognizes those security researchers who help us...- News
- Thread
- acknowledgement awards bug bounty community customer security cve engagement extended security updates insights microsoft monthly bulletin online services operational security research response center security security research submission threat landscape vulnerability
- Replies: 0
- Forum: Security Alerts
-
Announcing the Windows Bounty Program
Windows 10 represents the best and newest in our strong commitment to security with world-class mitigations. One of Microsoft’s longstanding strategies toward improving software security involves investing in defensive technologies that make it difficult and costly for attackers to find, exploit...- News
- Thread
- application guard bounty program bug bounty defensive technologies hyper-v insider preview microsoft edge mitigation payment payout range privacy remote code execution research security security bugs software security vulnerabilities windows 10 windows defender windows server
- Replies: 0
- Forum: Security Alerts
-
Bountycraft at Nullcon 2017
Security is a critical component of our products at Microsoft. A strong emphasis on security is a persistent factor throughout our entire development process. Microsoft is committed to designing and developing secure software. Testing is performed both internally and by working closely with the...- News
- Thread
- asia authentication bounty program bug bounty china cloud computing cross-site scripting impact india microsoft microsoft azure mitigation nullcon privilege escalation research community security security software vulnerabilities windows 10 workshops
- Replies: 0
- Forum: Security Alerts
-
Announcing the new Bug Bounty Program for Office Insider Builds on Windows
We’ve engineered Office to be secure by design and continually invest in enhancing its security capabilities. In the spirit of maintaining a high security bar in Office, we’re launching the Bug Bounty Program for Office Insider Builds on Windows. The Office Bug Bounty Program complements our...- News
- Thread
- bug bounty cloud computing consumer protection early access execution feedback incentives insider macro march microsoft office penetration testing protected view quality assurance rewards security testing update vulnerabilities windows
- Replies: 0
- Forum: Security Alerts
-
Announcing a Microsoft .NET Core and ASP.NET Core Bug Bounty
It’s our pleasure to announce another exciting expansion of the Link Removed. Today, we will be adding .NET Core and ASP.NET Core to our suite of ongoing bounty programs. We are offering a bounty on the Windows and Linux versions of Link Removed and ASP.NET Core starting on September 1, 2016...- News
- Thread
- application asp.net core beta bug bounty framework hacking kestrel linux microsoft payment penetration testing programs rtm security software visual studio vulnerabilities web development windows
- Replies: 0
- Forum: Security Alerts
-
Microsoft Bounty Programs Announce Expansion – Bounty for Microsoft OneDrive
At Microsoft, we continue to add new properties to our security bug bounty programs to help keep our customer’s secure. Today, I’m pleased to announce the addition of Microsoft OneDrive to the Microsoft Online Services Bug Bounty Program. This addition further incentivizes security researchers...- News
- Thread
- announcement bounty program bug bounty cansecwest customer security expansion incentives microsoft microsoft booth onedrive online services payouts programs research security security research submission tech news vancouver vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
Microsoft Bounty Programs Expansion - Bounty for Defense, Authentication Bonus, and RemoteApp
I am very pleased to be releasing additional expansions of the Link Removed. Please stop by the Microsoft Networking Lounge at Black Hat, August 5-6, to learn more about these programs; or, visit Link Removed. We are raising the Bounty for Defense maximum from $50,000 USD to $100,000 USD. I am...- News
- Thread
- authentication azure active directory black hat bounty program bug bounty contest defense bounty feedback las vegas microsoft microsoft account networking lounge online services payouts penetration testing remoteapp research community sdl security research vulnerabilities
- Replies: 0
- Forum: Security Alerts
-
Microsoft Edge: Building a safer browser
With Microsoft Edge, we want to fundamentally improve security over existing browsers and enable users to confidently experience the web from Windows. We have designed Microsoft Edge to defend users from increasingly sophisticated and prevalent attacks. This post covers some of the advanced...- News
- Thread
- authentication browser security bug bounty certificate reputation control flow guard credentials extensions hacking malicious links memory issues memory management microsoft edge phishing sandbox security techniques smartscreen user experience web security web standards windows 10
- Replies: 0
- Forum: Live RSS Feeds
-
Microsoft Bounty Programs Expansion – Azure and Project Spartan
I am excited to announce significant expansions to the Link Removed. We are evolving the 'Online Services Bug Bounty, launching a new bounty for Project Spartan, and updating the Mitigation Bypass Bounty. This continued evolution includes additions to the Link Removed: Link Removed Azure...- News
- Thread
- bounty program bug bounty cloud computing cloud security critical bugs exploit prevention hyper-v microsoft microsoft azure mitigation bypass penetration testing project spartan remote code execution sandbox escape security submission technical preview virtual machine vulnerability windows 10
- Replies: 0
- Forum: Security Alerts
-
CEO Mark Zuckerberg's Facebook Page Hacked
Researcher uses big Facebook vulnerability to post on Mark Zuckerberg’s wall The user submitted the exploit to the Bug Bounty Program, which, apparently, refused to acknowledge it, and the user then demonstrated the exploit on Mr. Zuckerberg's Facebook profile page. Link Removed To add...- Mike
- Thread
- bug bounty data breach exploit facebook hacking mark zuckerberg profile access security vulnerability
- Replies: 1
- Forum: Windows Security
-
Windows 7 Facebook Launches Bug Bounty Program
Facebook Launches Bug Bounty Program | threatpost- JMH
- Thread
- announcement bug bounty code injection compromise ddos facebook flaw hacking incentives information privacy programs report rumors script error security third party vulnerabilities
- Replies: 0
- Forum: Windows Security