Sign up for our newsletter
Technology / Cybersecurity

Microsoft Bug Bounty Programme Expands to Azure DevOps

Crowd-sourced security is all the rage (albeit increasingly controversially in some quarters). Bug bounty hunters, who can get paid for submitting vulnerabilities they have discovered, will be pleased to note a fresh opportunity to earn cash however, with Microsoft adding a tenth product to its range of active bug bountry programmes.

Microsoft Azure DevOps bug bounty, launching today, comes with rewards of up to $20,000 for high quality submissions. It spans eligible vulnerabilities in Azure DevOps online services and the latest release of Azure DevOps server.

(Azure DevOps is a cloud service for collaborating on code development, spanning the breadth of the development lifecycle to help developers ship software faster.)

Open Microsoft Bug Bounty Programmes

It joins bug bounty programmes open for Microsoft Identity, Windows Insider Preview, Windows Defender Application Guard, Microsoft Hyper-V, Microsoft Edge on Windows Insider Preview, Mitigation Bypass and Bounty for Defense, Office Insider, Microsoft .NET Core and ASP.NET Core.

White papers from our partners

Security researchers wanting a chance to earn serious money, however, may want need to focus on Microsoft Identity (bounties of up to $100,000) and Hyper-V, where critical remote code execution, information disclosure and denial of services vulnerability submissions have a chance of winning them up to $250,000.

See also: The Bug Bounty Bonanza: Pay Outs Surge and Interest Soars

Microsoft’s Jarek Stanley said: “The researcher community plays an essential role in keeping our customers secure, and we will review every submission and recognize your efforts according to our program MSRC criteria. If your submission isn’t eligible for bounty but still helps us fix or improve our product, we’ll offer public thanks and recognition for your contribution.”

Read this: NCSC Vulnerability Reporting: Hack the Gov’t, Get a Pat on the Back

 


This article is from the CBROnline archive: some formatting and images may not be present.

CBR Staff Writer

CBR Online legacy content.