Skip to main content
MSRC

Community-based Defense

Announcing the Launch of the Azure SSRF Security Research Challenge

Thursday, August 19, 2021

Microsoft is excited to announce the launch of a new, three-month security research challenge under the Azure Security Lab initiative. The Azure Server-Side Request Forgery (SSRF) Research Challenge invites security researchers to discover and share high impact SSRF vulnerabilities in Microsoft Azure. Qualified submissions are eligible for bounty rewards up to $60,000 USD, with additional awards for identifying innovative or novel attack patterns.

Read More

Congratulations to the MSRC 2021 Most Valuable Security Researchers!

Wednesday, August 04, 2021

The MSRC Researcher Recognition Program offers public thanks and acknowledgement to the researchers who help protect customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s Most Valuable Security Researchers (MVRs) based on the impact, accuracy,

Read More

Introducing Bounty Awards for Teams Mobile Applications Security Research

Monday, July 19, 2021

We are pleased to announce the addition of Microsoft Teams mobile applications to the Microsoft Applications Bounty Program. Through the expanded program we welcome researchers from across the globe to seek out and disclose any high impact security vulnerabilities they may find in Teams mobile applications to help secure customers. Rewards up to $30,000 USD are available for eligible submissions.

Read More

Microsoft Bug Bounty Programs Year in Review: $13.6M in Rewards

Thursday, July 08, 2021

Partnering with the security research community is an important part of Microsoft’s holistic approach to defending against security threats. Bug bounty programs are one part of this partnership. By discovering and reporting vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure (CVD), researchers continue to help us secure millions of customers. Over the past 12 months, Microsoft awarded $13.

Read More

Introducing Bounty Awards for Teams Desktop Client Security Research

Wednesday, March 24, 2021

Partnering with the security research community is an important part of Microsoft’s holistic approach to defending against security threats. As much of the world has shifted to working from home in the last year, Microsoft Teams has enabled people to stay connected, organized, and collaborate remotely. Microsoft and security researchers across the planet continue to partner to help secure customers and the technologies we use for remote collaboration.

Read More

MSRC Security Researcher Recognition: 2021

Wednesday, February 10, 2021

Wondering how to get into the 2021 MSRC Most Valuable Security Researcher list and get recognized during the Black Hat USA this August? Read on to learn more about the different paths you can take to get into the top researcher tiers. The MSRC Most Valuable Security Researcher (MVR) and MSRC Contributor are tiers in the Researcher Recognition Program which annually recognize researchers for impactful contributions, considering report impact, accuracy and volume.

Read More

Top MSRC 2020 Q4 Security Researchers – Congratulations!

Thursday, January 14, 2021

We’re excited to announce the top contributing researchers for the 2020 Fourth Quarter (Q4)! Congratulations to all of the researchers who made this quarter’s leaderboard and a huge thank you to everyone who continues to help secure our customers and the ecosystem. The top three researchers of the 2020 Q4 Security Researcher Leaderboard are: Cameron Vincent (2065 points) , Yuki Chen (1535 points) , and Suresh C (862 points).

Read More