With Windows 10 recently unveiled, Microsoft says it’s boosting the amount of money it gives to bug hunters.
Those that can prove the ability to bolster the tech giant’s defenses as part of a “Bounty for Defense” initiative will receive $100,000, up from $50,000 previously, according to ZDNet.
“Learning about new exploitation techniques earlier helps Microsoft improve security by leaps, instead of capturing one vulnerability at a time as a traditional bug bounty alone would,” the company said.
There appears to be more money to be had for other security achievements for bug hunters, too. Those who tackle authentication security issues will receive doubled rewards from Aug. 5 to Oct. 5, a bonus period, according to ZDNet.
Here’s the full list of ongoing bug-hunting programs, and the amount fixes pay, taken from a Microsoft blog post:
1. Online Services Bug Bounty
Start Date: 23 September 2014
Microsoft Azure services additions: 22 April 2015
Microsoft Account services additions: 5 August 2015
The Online Services Bug Bounty program gives individuals across the globe the opportunity to submit vulnerability reports on eligible Online Services (O365 and Microsoft Azure) provided by Microsoft. Being ahead of the game by identifying the exploit techniques in our widely used services helps make our customer’s environment more secure. Qualified submissions are eligible for payment from a minimum of $500 USD up to $15,000 USD.
Start Date: 26 June 2013
Microsoft will pay up to $100,000 USD for truly novel exploitation techniques against protections built into the latest version of our operating system. Learning about new exploitation techniques earlier helps Microsoft improve security by leaps, instead of capturing one vulnerability at a time as a traditional bug bounty alone would.
Start Date: 26 June 2013
Additionally, Microsoft will pay up to $100,000 USD for defensive ideas that accompany a qualifying Mitigation Bypass submission. Doing so highlights our continued support of defensive technologies and provides a way for the research community to help protect more than a billion computer systems worldwide (in conjunction with the Mitigation Bypass Bounty).
- What We Know So Far About the Deadly Earthquakes in Turkey and Syria
- Beyoncé's Album of the Year Snub Fits Into the Grammys' Long History of Overlooking Black Women
- How the U.S. Shot Down the Alleged Chinese Spy Balloon
- Effective Altruism Has a Toxic Culture of Sexual Harassment and Abuse, Women Say
- Inside Bolsonaro's Surreal New Life as a Florida Man—and MAGA Darling
- 'Return to Office' Plans Spell Trouble for Working Moms
- 8 Ways to Read More Books—and Why You Should
- Why Aren't Movies Sexy Anymore?
- How Logan Paul's Crypto Empire Fell Apart