Microsoft Bounty Program Updates: Faster bounty review, faster payments, and higher rewards

In 2018 The Microsoft Bounty Program awarded over $2,000,000 to encourage and reward external security research in key technologies to protect our customers. Building on that success, we are excited to announce a number of improvements in our bounty programs to better serve the security research community.   Faster bounty review – As of January 2019,…

0

Join Microsoft Security Response at the Product Security Operations forum at LocoMocoSec!

The MSRC is more than managing vulnerability reports, publishing Microsoft security updates, and defending the cloud. The MSRC is passionate about helping everyone improve internal engineering practices and supporting the defender community, and are excited to partner with Blackberry to host a Product Security Operations Forum at LocoMocoSec on April 18, 2019. Featuring exceptional speakers…

0

Call for Papers | Microsoft BlueHat Shanghai 2019

The Microsoft Security Response Center (MSRC) recently announced our first BlueHat security conference in Shanghai which will take place on May 29-30, 2019. After 15 years of BlueHat events in Redmond, Washington and Israel, we are thrilled to expand to a new location. We work with many talented security researchers throughout the Asia Pacific region…

0

Practical advice for earning higher Microsoft bounty awards

This year at the Nullcon International Security Conference I shared practical advice for how security researchers can maximize the impact of their security vulnerability submissions and earn higher bounty awards under the Microsoft Bounty Program. For those who couldn’t be there, I had two core pieces of advice. First, focus vulnerability research on the products…

0

Microsoft’s Cyber Defense Operations Center shares best practices

Today, a single breach, physical or virtual, can cause millions of dollars of damage to an organization and potentially billions in financial losses to the global economy. Each week seems to bring a new disclosure of a cybersecurity breach somewhere in the world. As we look at the current state of cybersecurity challenges today, we…

0

Announcing the Microsoft Azure DevOps Bounty program

The Microsoft Security Response Center (MSRC) is pleased to announce the launch of the Azure DevOps Bounty program, a program dedicated to providing rock-solid security for our DevOps customers. Starting January 17, 2019, we’re excited to offer rewards up to US$20,000 for eligible vulnerabilities in Azure DevOps online services and the latest release of Azure…

0