Jump to content
Sign in to follow this  
Guest_Jim_*

Microsoft Updates Bug Bounty Program, Including Increase to Rewards

Recommended Posts

As diligent and skilled as any company's developers and quality assurance teams might be, there are almost certainly issues that slip by them. This is why some companies have bug bounty programs, so when someone outside the company reports the issue they can be rewarded for it. Microsoft is among those with such a program and has recently made some changes to it. Among the changes, the top award levels for the Windows Insider Preview increased from $15,000 to $50,000 and the Microsoft Cloud Bounty top level also got a bump from $15,000 to $20,000. While these increases are definitely nice, they are hardly the only changes. Rewards will now be given following successful reproduction and assessment of the submission, instead of waiting until a final fix has been developed. Microsoft is also partnering with HackerOne for the payment processing, which offers more ways to accept the reward, including having it split or donated to charities. Finally, the rules for duplicates has been changed so that the first external report of an internally known issue will get the full award it deserves. Previously the award would have been just 10% for that first report. The policy for duplicate external reports has not changed though.

Source: Microsoft



Back to original news post

Share this post


Link to post
Share on other sites

Ethical hacking to find security flaws does pay better, albeit less regularly, than general software engineering.

 

HackerOne has over 900 bug bounty programs in more than 195 countries. The top 1.1 per cent hackers using HackerOne earn more than $350,000 annually.  https://www.hackerone.com/

Share this post


Link to post
Share on other sites
Sign in to follow this  

×