Microsoft awards $374k in bounties for Azure Sphere Security Research Challenge
Since 2003, the month of October has been recognized as National Cybersecurity Awareness month and after a three-month research challenge which dovetailed into the beginning of October, Microsoft finally awarded $374,300 to the global IoT security research community for finding vulnerabilities in Azure Sphere.
In what Microsoft dubbed the Azure Sphere Security Research Challenge, 70 researchers from 21 countries gathered to surface security exploits in the company’s Azure Sphere and over the course of 90-days the researchers found 40 exploits, 20 of which were considered “Critical or Important severity security vulnerabilities.”
According to the Microsoft Security Response Center blog, the company broke up the bounties into two high priority research scenarios that focused on the core of the Azure Sphere OS and then six general scenarios across various levels of Azure Sphere OS. In the end, Microsoft awarded the $374,300 bounty awards across 16 eligible reports.