bug bounty

In a move that underscores its commitment to cybersecurity, Microsoft has expanded its Copilot bug bounty program to include more consumer products while simultaneously increasing payouts for medium-severity vulnerabilities. This strategic update demonstrates the tech titan’s proactive stance in...

Link Removed In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the...

The Microsoft Security Response Center (MSRC) is pleased to announce the launch of the Link Removed program, a program dedicated to providing rock-solid security for our DevOps customers. Starting January 17, 2019, we’re excited to offer rewards up to US$20,000 for eligible vulnerabilities in...

For the last 20 years, the Microsoft Security Response Center has been an integral part of Microsoft’s commitment to customer security. We are often called on to talk about the work we do and how customers can apply the lessons we have learned over that period to better their security posture...

We have tabulated the results from April-June 2018. The Top 5 Bounty Hunters for Q4 are now in. As with our list from Q3, we want to recognize both the leaders in payouts and in number of successful submissions. We appreciate the hard work and dedication of the following individuals and...

Throughout the year, security researchers submit some amazing work to us under the Microsoft Bug Bounty program. Starting this quarter, we want to give a shout out to and acknowledge the hard work and dedication of the following individuals and companies who have contributed to securing...

This is the first of a series of blog entries to give some insight into the Microsoft Security Response Center (MSRC) business and how we work with security researchers and vulnerability reports. The Microsoft Security Response Center actively recognizes those security researchers who help us...

Windows 10 represents the best and newest in our strong commitment to security with world-class mitigations. One of Microsoft’s longstanding strategies toward improving software security involves investing in defensive technologies that make it difficult and costly for attackers to find, exploit...

Security is a critical component of our products at Microsoft. A strong emphasis on security is a persistent factor throughout our entire development process. Microsoft is committed to designing and developing secure software. Testing is performed both internally and by working closely with the...

We’ve engineered Office to be secure by design and continually invest in enhancing its security capabilities. In the spirit of maintaining a high security bar in Office, we’re launching the Bug Bounty Program for Office Insider Builds on Windows. The Office Bug Bounty Program complements our...

It’s our pleasure to announce another exciting expansion of the Link Removed. Today, we will be adding .NET Core and ASP.NET Core to our suite of ongoing bounty programs. We are offering a bounty on the Windows and Linux versions of Link Removed and ASP.NET Core starting on September 1, 2016...

At Microsoft, we continue to add new properties to our security bug bounty programs to help keep our customer’s secure. Today, I’m pleased to announce the addition of Microsoft OneDrive to the Microsoft Online Services Bug Bounty Program. This addition further incentivizes security researchers...

I am very pleased to be releasing additional expansions of the Link Removed. Please stop by the Microsoft Networking Lounge at Black Hat, August 5-6, to learn more about these programs; or, visit Link Removed. We are raising the Bounty for Defense maximum from $50,000 USD to $100,000 USD. I am...

With Microsoft Edge, we want to fundamentally improve security over existing browsers and enable users to confidently experience the web from Windows. We have designed Microsoft Edge to defend users from increasingly sophisticated and prevalent attacks. This post covers some of the advanced...

I am excited to announce significant expansions to the Link Removed. We are evolving the 'Online Services Bug Bounty, launching a new bounty for Project Spartan, and updating the Mitigation Bypass Bounty. This continued evolution includes additions to the Link Removed: Link Removed Azure...

Researcher uses big Facebook vulnerability to post on Mark Zuckerberg’s wall The user submitted the exploit to the Bug Bounty Program, which, apparently, refused to acknowledge it, and the user then demonstrated the exploit on Mr. Zuckerberg's Facebook profile page. Link Removed To add...

Facebook Launches Bug Bounty Program | threatpost