View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
January 17, 2019

Microsoft Bug Bounty Programme Expands to Azure DevOps

Rewards of up to $20k

By CBR Staff Writer

Crowd-sourced security is all the rage (albeit increasingly controversially in some quarters). Bug bounty hunters, who can get paid for submitting vulnerabilities they have discovered, will be pleased to note a fresh opportunity to earn cash however, with Microsoft adding a tenth product to its range of active bug bountry programmes.

Microsoft Azure DevOps bug bounty, launching today, comes with rewards of up to $20,000 for high quality submissions. It spans eligible vulnerabilities in Azure DevOps online services and the latest release of Azure DevOps server.

(Azure DevOps is a cloud service for collaborating on code development, spanning the breadth of the development lifecycle to help developers ship software faster.)

Open Microsoft Bug Bounty Programmes

It joins bug bounty programmes open for Microsoft Identity, Windows Insider Preview, Windows Defender Application Guard, Microsoft Hyper-V, Microsoft Edge on Windows Insider Preview, Mitigation Bypass and Bounty for Defense, Office Insider, Microsoft .NET Core and ASP.NET Core.

Security researchers wanting a chance to earn serious money, however, may want need to focus on Microsoft Identity (bounties of up to $100,000) and Hyper-V, where critical remote code execution, information disclosure and denial of services vulnerability submissions have a chance of winning them up to $250,000.

See also: The Bug Bounty Bonanza: Pay Outs Surge and Interest Soars

Microsoft’s Jarek Stanley said: “The researcher community plays an essential role in keeping our customers secure, and we will review every submission and recognize your efforts according to our program MSRC criteria. If your submission isn’t eligible for bounty but still helps us fix or improve our product, we’ll offer public thanks and recognition for your contribution.”

Read this: NCSC Vulnerability Reporting: Hack the Gov’t, Get a Pat on the Back


Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.