Cyber Security

Microsoft paid out $14m in bug bounty rewards in past 12 months – report

Microsoft has awarded $13.6 million to security researchers under it bug bounty program in the past 12 months alone.

The tech giant, which runs a number of technology-specific programs under the umbrella of its coordinated vulnerability disclosure (CVD) program, revealed the figure in a blog post.

Its single highest reward was $200k, which was handed out for the discovery of vulnerabilities in its Hyper V program.

Microsoft also revealed that in the past year, security researchers netted an average of $10k per report.

Payouts

The rewards were given to more than 340 security researchers across 58 countries, said Microsoft, adding that 1,200 of the reports it received were eligible for a payout.

Microsoft said the sheer volume of reports reflects the “talent and creativity of the global security research community and their invaluable partnership in addressing the challenges of a constantly changing security environment”.

The company also said that it is “constantly evaluating” the threat landscape in order to makes changes to the program and respond accordingly.

“This year, we introduced new challenges and scenarios to award research focused on the highest impact to customer security,” said Microsoft.

“These focus areas helped us not only discover and fix risks to customer privacy and security, but also offer researchers top awards for their high-impact work.”

Source: https://portswigger.net/daily-swig/microsoft-paid-out-14m-in-bug-bounty-rewards-in-past-12-months-report

Click to comment

You May Also Like

Cyber Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on their networks against two...

Cyber Security

Businesses and developers are focusing more on the security of applications in their digital environment as cyber threats and data breaches continue escalating. The...

Cyber Security

HCL BigFix is an endpoint management platform that has the capability to automate discovery, management, and remediation. It can find and fix vulnerabilities on...

Cyber Security

The Environmental Protection Agency cited a lack of resources and the sheer volume of critical vulnerabilities as the reasons for its inability to patch...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO

Exit mobile version