Microsoft bug bounty program

Microsoft has announced a bug bounty program under which it is offering a reward of $100,000 to anyone who manages to hack its custom Linux operating system – Azure Sphere OS.

The company developed the Azure Sphere OS last year for its Internet of Things platform. The bug bounty program dubbed “Azure Sphere Security Research Challenge” will run for three months with the application submission date for participation ends on May 15, 2020.

Hackers need to breach the Pluton Security Subsystem or Secure World Sandbox in order to win the prize. Microsoft says it will offer $100,000 for “specific scenarios” during the program. There are two key scenarios according to Microsoft:

  • Ability to execute code on Pluton which is Microsoft’s hardware security program to secure its IoT devices
  • Ability to execute code on Secure World which is an environment in the application processor’s ARM Cortex-A subsystem

According to Microsoft, the bug bounty challenge is more focused on Azure Sphere OS and aims to “spark new high impact security research in Azure Sphere“.

To learn more about Microsoft Azure Sphere OS and to participate in the challenge, applicants will be offered the following resources by the company:

  • Azure Sphere development kit (DevKit)
  • Access to Microsoft products and services for research purposes
  • Azure Sphere product documentation
  • Direct communication channels with the Microsoft team

You can participate in the Microsoft Azure Sphere Security Research Challenge by submitting your application on this link before May 15. The challenge will commence from June 1st onwards and will run until August 31.

To learn more about the challenge, you can visit Microsoft’s official blog for it.

SHARE
Avatar
Anmol is a tech journalist who handles reportage of cybersecurity and Apple and OnePlus devices at Fossbytes. He's an ambivert who is striving hard to appease existential crisis by eating, writing, and scrolling through memes.