research community

  1. Extending the Microsoft Edge Bounty Program

    Over the past ten months we have paid out over $200,000 USD in bounties. This collaboration with the research community has resulted in significant improvements in Edge security and has allowed us to offer more proactive security for our customers. Keeping in line with our philosophy of...
  2. Bountycraft at Nullcon 2017

    Security is a critical component of our products at Microsoft. A strong emphasis on security is a persistent factor throughout our entire development process. Microsoft is committed to designing and developing secure software. Testing is performed both internally and by working closely with the...
  3. Microsoft Bounty Programs Expansion - Bounty for Defense, Authentication Bonus, and RemoteApp

    I am very pleased to be releasing additional expansions of the Link Removed. Please stop by the Microsoft Networking Lounge at Black Hat, August 5-6, to learn more about these programs; or, visit Link Removed. We are raising the Bounty for Defense maximum from $50,000 USD to $100,000 USD. I am...
  4. Microsoft hosts BlueHatv11, releases four bulletins

    Hello, On this November Update Tuesday, we’re recapping the Link Removed, which Microsoft hosted in Redmond last week. We are also releasing four security updates, so please read on for details. Microsoft hosted its Link Removed of the BlueHat conference Nov. 2-4. The event featured...
  5. Announcing the BlueHat Prize for Advancement of Exploit Mitigations

    Protecting the general computing ecosystem is a really tough job, and given some of the media headlines, it’s easy to get discouraged and wallow in the problems. It seems like we’re constantly bombarded with statistics measuring the number of bugs, vulnerabilities, or attacks in an...
  6. Community-Based Defense: Looking Outward, Moving Forward

    Two years ago, in front of a standing-room only crowd here at Black Hat, we introduced three new information sharing programs as well as the concept of Community-Based Defense. The underlying concept shared by all three programs was simple-collaboration will be key to preventing and defending...