Microsoft launched its Bug Bounty program along with expanding the program beyond what has been till now. The Bug Bounty program is common to more or less every software company, where the company announces a hefty reward for hackers who are able to detect and find out any security vulnerability in their system. Whereas hackers usually unfold vulnerability in the system, and then sell it on black market, the company provides a huge prize money which somehow detracts the hackers. In the long run, the company is benefitted because the system is debugged, patched and transformed into a stronger security system.
Microsoft raised an expansion in its Bug Bounty program by including the security of various domains like Defense, Authentication Bonus and RemoteApp. It is to be noted thst the reward for Defense has been escalated from $50,000 USD to $100,000 USD.
According to Microsoft, the Bug Bounty Program will involve a new approach which is given below:
1. Authentication vulnerabilities will receive double bounty payouts
2. Microsoft Account (MSA) and Azure Active Directory (AAD) vulnerabilities
Bonus period will run from August 5, 2015 – October 5, 2015
3. All payouts during this period will receive twice the normal payout (that means we will pay $30,000 USD for a great Authentication vulnerability!)
4. MSA contest at Black Hat
Come show us your 1337 skills and win an Xbox One, Surface 3, or one year of full MSDN access.
5. Come visit us at the Microsoft Networking Lounge, August 5-6, in Mandalay Bay to review full rules and to participate
6. RemoteApp: RemoteApp lets users run Windows apps hosted in Azure anywhere, and on a variety of devices
RemoteApp is being added as a new property of the Online Services Bug Bounty Program and all of the regular terms and payout rules apply
However the bug bounty program is just a part of the exhaustive security enhancement programs.