In 2015, Microsoft launched the Microsoft Bug Bounty reward program. After years of development, the project has covered a number of Microsoft products, with a generous bonus in exchange for various types of vulnerabilities. Today, Microsoft has sunburned its achievements over the past year, paying $13.7 million in bounty to security researchers, more than three times the $4.4 million in the same period last year.
In the past 12 months, Microsoft has announced six new bounty programs and two new research funds that have attracted more than 1,000 eligible reports from more than 300 researchers on six continents. “Thank you to everyone who shared their research with Microsoft this year and for their involvement in the Microsoft Bounty Program,” Microsoft said. Thanks to their efforts, millions of customers and the wider ecosystem have become safer. “
Currently, Microsoft offers rewards including:
Microsoft Online Services.
Microsoft Azure DevOps Services.
Microsoft Dynamics 365.
Microsoft .NET Core and ASP.NET Core.
Microsoft Windows Insider Preview.
Windows Defender Application Guard.
Microsoft Edge (Chromium-based)
Microsoft Edge (EdgeHTML) on Windows Insider Preview.
Mitigation and Bounty for Defense.
Grant: Microsoft Identity.