Microsoft Asks Researchers To “Do Their Worst,” Doubles Azure Bounty To $40,000


At the ongoing Black Hat USA 2019 conference, Microsoft announced the Azure Security Lab ‚ a sandbox-like environment for security researchers to test Azure security without putting the company’s customers at risk.

The new Azure Cloud host testing environment will allow security researchers to test attacks on infrastructure-as-a-service (IaaS) scenarios without affecting users.

With isolated hosts, researchers will have more flexibility to research. They can not only research vulnerabilities in Azure, but also attempt to exploit them.

Microsoft is inviting researchers to come forward and “do their worst” (read best) to emulate criminal hackers in a customer-safe cloud environment — the Azure Security Lab.

Microsoft Azure Bug Bounty Rewards Doubled

Microsoft has also doubled its top bug bounty to $40,000 for those who find Azure vulnerabilities. Earlier, the reward for sniffing out flaws in Azure DevOps was $20,000.

Azure DevOps is a cloud service that was launched back in 2018 to facilitate collaboration on code development across the entire development lifecycle.

So far, Microsoft has issued $4.4 million dollars in bounty rewards in the last 12 months across various programs.

There are new scenario-based challenges in the Azure Security Lab with additional bounty awards of up to $300,000. Throughout the year, more than $2 million of scenario bounty rewards will be issued to Azure Security Lab participants.

Meanwhile, the Redmond giant has also made several changes to its security researcher reputation system.

It has improved the transparency of the recognition model, added reputation points, and established a tier-based system of rewards for the security researchers.

Also Read: Google And NASA Are ‘Leaking Data’ Via Misconfigured Jira Servers
Manisha Priyadarshini

Manisha Priyadarshini

An Editor and a Tech Journalist with a software development background. I am a big fan of technology and memes. At Fossbytes, I cover all aspects of tech but my specific area of interest is Programming and Development.
More From Fossbytes

Latest On Fossbytes

Find your dream job