Good news, security researchers! Microsoft has made a number of changes to its bug bounty program that could mean a lot more cash in your pocket for a successful submission. Here’s everything you need to know.
For starters, Microsoft is raising the maximum Bounty for Defense reward from $50,000 to $100,000. Bounty for Defense submissions are described as defensive ideas that accompany a qualifying Mitigation Bypass submission.
Read: Microsoft and NASA send Hololens to SpaceFurthermore, from now through October 5, Microsoft is offering a bonus for Authentication vulnerabilities in the Online Services Bug Bounty. Payouts during this period will be twice the normal amount meaning researchers can, for example, earn up to $30,000 for an Authentication vulnerability submission.
Last but not least, Microsoft has added RemoteApp to the list of domains covered in the Online Services Bug Bounty. RemoteApp allows users to run Windows apps hosted in Azure anywhere and on a number of different devices.