Skip to main content

Microsoft Identity Bounty Program Pays $500 to $100,000 for Bugs

posted onJuly 18, 2018
by l33tdawg
Bug-bounty
Credit: Bug-bounty

A new Microsoft bug bounty program asks researchers to hunt down vulnerabilities affecting its identity services in exchange for rewards ranging from $500 to $100,000.

Microsoft has been building its portfolio of identity services for both consumer (Microsoft Account) and enterprise (Azure Active Directory) accounts. Researchers who participate in the Identity Bounty Program will submit flaws they discover in Microsoft's identity solutions and certified implementations of select OpenID standards, the company states.

In order to be eligible for payouts, submissions must meet certain standards: Vulnerabilities must be original, previously unreported, lead to the takeover of a Microsoft account or Azure AD account, include the impact and attack vector, and detail the steps to reproduce the flaw.

Source

Tags

Microsoft Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th