Bug Bounty Programs
Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards
Tuesday, August 04, 2020
Security researchers are a vital component of the cybersecurity ecosystem that safeguards every facet of digital life and commerce. The researchers who devote time to uncovering and reporting security issues before adversaries can exploit them have earned our collective respect and gratitude. The security landscape is constantly changing with emerging technology and new threats.
Black Hat 2020: See you in the Cloud!
Thursday, July 30, 2020
It hardly feels like summer without the annual trip to Las Vegas for Black Hat USA. With this year’s event being totally cloud based, we won’t have the chance to catch up with security researchers, industry partners, and customers in person, an opportunity we look forward to every year. We’ll still be there though, and look forward to the great talks and chatting in the virtual conference platform.
Meet the MSRC at Black Hat 2019
Monday, July 29, 2019
We’re getting close to Black Hat, and we hope to see you there. Here’s where you can find members of the Microsoft Security Response Center if you’d like to say hello, ask a question about a report you made, discuss a recent blog article, or just show us pictures of your dog.
Recognizing Q4 Top 5 Bounty Hunters
Thursday, July 26, 2018
We have tabulated the results from April-June 2018. The Top 5 Bounty Hunters for Q4 are now in. As with our list from Q3, we want to recognize both the leaders in payouts and in number of successful submissions. We appreciate the hard work and dedication of the following individuals and companies who have contributed to securing Microsoft’s products and services over our fourth quarter.
Recognizing Q3 Top 5 Bounty Hunters
Friday, April 20, 2018
Throughout the year, security researchers submit some amazing work to us under the Microsoft Bug Bounty program. Starting this quarter, we want to give a shout out to and acknowledge the hard work and dedication of the following individuals and companies who have contributed to securing Microsoft’s products and services over our third quarter (January-March 2018).
Extending Microsoft Edge Bounty Program
Tuesday, May 16, 2017
Over the past 10 months, we’ve paid out more than $200,000 USD in bounties to researchers reporting vulnerabilities through the Microsoft Edge Bounty Program. Partnering with the research community has helped improve Microsoft Edge security, and to continue this collaboration, today we’re extending the end date of the Edge on Windows Insider Preview (WIP) bounty program to June 30, 2017.
Announcing a Microsoft .NET Core and ASP.NET Core Bug Bounty
Thursday, September 01, 2016
It’s our pleasure to announce another exciting expansion of the Microsoft Bounty Programs. Today, we will be adding .NET Core and ASP.NET Core to our suite of ongoing bounty programs. We are offering a bounty on the Windows and Linux versions of .NET Core and ASP.NET Core starting on September 1, 2016.
Microsoft Bounty Programs Announce Expansion - Bounty for Microsoft OneDrive
Thursday, March 17, 2016
At Microsoft, we continue to add new properties to our security bug bounty programs to help keep our customer’s secure. Today, I’m pleased to announce the addition of Microsoft OneDrive to the Microsoft Online Services Bug Bounty Program. This addition further incentivizes security researchers to report service vulnerabilities to Microsoft. As part of the Microsoft Online Services Bug Bounty Program, the payouts will range from $500 - $15,000 USD.