Microsoft AI and Cloud: New bug bounty event with 4 million US dollar reward
Security researchers who discover loopholes in Microsoft products during the new Zero Day Quest event can win big cash rewards.
(Image: Maksim Shmeljov/Shutterstock.com)
Microsoft wants to increase the security of its products and services and is calling on security researchers to take part in the extended Zero Day Quest bug bounty program. The event offers 4 million US dollars in rewards for finding security vulnerabilities. The technology company then investigates the vulnerabilities and develops security updates.
Framework guidelines
According to an article, the focus is primarily on AI and cloud services. The event will run from now until January 19, 2025, Microsoft explains. The top ten and 45 security researchers selected based on their submissions will then be invited to the onsite hacking event at the Microsoft campus in Redmond, Washington.
The hunt for vulnerabilities includes Azure, Dynamics 365, M365, Identity, Microsoft AI and Power Platform. Microsoft states that it has permanently doubled the rewards for software vulnerabilities in AI products. A maximum of 30,000 US dollars is available for a vulnerability that allows attackers to execute malicious code, for example. For the duration of the event, there are rewards on selected areas plus 50 percent on certain cash rewards.
However, there will only be a payout if security researchers follow the rules for finding loopholes. Among other things, Microsoft engineers must be able to trace all the steps of an attack. If submissions do not meet the criteria, they are rejected. DoS attacks do not count.
Videos by heise
The event organizer summarizes further information on the individual categories in these articles:
(des)
