• Tech News
    • Games
    • Pc & Laptop
    • Mobile Tech
    • Ar & Vr
    • Security
  • Startup
    • Fintech
  • Reviews
  • How To
What's Hot

Elementor #32036

January 24, 2025

The Redmi Note 13 is a bigger downgrade compared to the 5G model than you might think

April 18, 2024

Xiaomi Redmi Watch 4 is a budget smartwatch with a premium look and feel

April 16, 2024
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
    1. Games
    2. Pc & Laptop
    3. Mobile Tech
    4. Ar & Vr
    5. Security
    6. View All

    Bring Elden Ring to the table with the upcoming board game adaptation

    September 19, 2022

    ONI: Road to be the Mightiest Oni reveals its opening movie

    September 19, 2022

    GTA 6 images and footage allegedly leak

    September 19, 2022

    Wild west adventure Card Cowboy turns cards into weird and silly stories

    September 18, 2022

    7 Reasons Why You Should Study PHP Programming Language

    October 19, 2022

    Logitech MX Master 3S and MX Keys Combo for Business Gen 2 Review

    October 9, 2022

    Lenovo ThinkPad X1 Carbon Gen10 Review

    September 18, 2022

    Lenovo IdeaPad 5i Chromebook, 16-inch+120Hz

    September 3, 2022

    It’s 2023 and Spotify Still Can’t Say When AirPlay 2 Support Will Arrive

    April 4, 2023

    YouTube adds very convenient iPhone homescreen widgets

    October 15, 2022

    Google finishes iOS 16 Lock Screen widgets rollout w/ Maps

    October 14, 2022

    Is Apple actually turning iMessage into AIM or is this sketchy redesign rumor for laughs?

    October 14, 2022

    MeetKai launches AI-powered metaverse, starting with a billboard in Times Square

    August 10, 2022

    The DeanBeat: RP1 simulates putting 4,000 people together in a single metaverse plaza

    August 10, 2022

    Improving the customer experience with virtual and augmented reality

    August 10, 2022

    Why the metaverse won’t fall to Clubhouse’s fate

    August 10, 2022

    How Apple privacy changes have forced social media marketing to evolve

    October 16, 2022

    Microsoft Patch Tuesday October Fixed 85 Vulnerabilities – Latest Hacking News

    October 16, 2022

    Decentralization and KYC compliance: Critical concepts in sovereign policy

    October 15, 2022

    What Thoma Bravo’s latest acquisition reveals about identity management

    October 14, 2022

    What is a Service Robot? The vision of an intelligent service application is possible.

    November 7, 2022

    Tom Brady just chucked another Microsoft Surface tablet

    September 18, 2022

    The best AIO coolers for your PC in 2022

    September 18, 2022

    YC’s Michael Seibel clarifies some misconceptions about the accelerator • DailyTech

    September 18, 2022
  • Startup
    • Fintech
  • Reviews
  • How To
Behind The ScreenBehind The Screen
Home»Tech News»Microsoft doles out $13.7m in bug bounties
Tech News

Microsoft doles out $13.7m in bug bounties

August 13, 2022No Comments4 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Microsoft doles out $13.7m in bug bounties
Share
Facebook Twitter LinkedIn Pinterest Email

Microsoft has paid out a total of $13.7m (£11.3m, €13.3m) in bug bounties over the past 12 months, with 330 researchers from 46 countries acknowledged for their assistance in discovering and reporting a total of 1,091 valid vulnerabilities in Redmond’s products across 17 different bug bounty programmes.

Vulnerabilities in Microsoft’s wares are particularly valuable to threat actors due to the ubiquitous nature of its products in the modern enterprise – Microsoft frequently finds itself dealing with high-profile incidents such as PrintNightmare or ProxyLogon, and its monthly Patch Tuesday drop is a must-watch event for security professionals.

On this basis, bug bounties paid out by Microsoft tend to be higher, with the average payout made through its programme coming it at $12,000, substantially above the general average of $3,000, as reported by bug bounty specialist HackerOne.

The largest payment made by Microsoft in the past year was a massive $200,000 under the Hyper-V programme, for an undisclosed vulnerability.

Broken out by geography, Microsoft’s data reveal the majority of the ethical hackers working through its programmes are located in China, India and the US, ahead of Australia, Canada, Germany and the UK.

Microsoft’s Lynne Miyashita and Madeline Eckert wrote: “We believe partnerships with the global security research community are an essential part of protecting customers, and we will continue to invest in and evolve our bounty programmes as a part of strengthening these partnerships. Thank you to all the researchers who shared their research with Microsoft this year to help secure millions of Microsoft customers.”

In the past year, Microsoft has poured focus into evolving its programmes and partnerships in response to the changing threat landscape, they added, particularly as it relates to cloud-based products and services. “A key element of this maturing process is listening to feedback from researchers to remove barriers to entry and better facilitate research efforts,” they said.

See also  Microsoft says a 5-person sharing tier and Windows 11 widget is coming to Game Pass

“This year, we introduced a research challenge and new high-impact attack scenarios across many of our programmes to award research focused on the most critical areas to customer security.

“The addition of these attack scenarios to our Azure, Dynamics 365 and Power Platform, and M365 bounty programmes helps to focus research on the highest impact cloud vulnerabilities including areas like Azure Synapse Analytics, Key Vault, and Azure Kubernetes Services.”

Meanwhile, the high-impact and valuable work of ethical hackers was on display this week at Black Hat USA in Las Vegas, where crowdsourced bug specialist Bugcrowd ran its first in-person, live hacking event since the Covid-19 pandemic began, on behalf of Indeed.com, a job-search platform.

Bugcrowd’s Vegas Bug Bash connected Indeed.com with ethical hackers to test out its business-critical attack surfaces and mobile applications, uncovering potentially dangerous security blind spots, and improving testing methodologies at the same time.

Indeed is a long-standing customer of Bugcrowd, and has already rewarded more than 1,500 valid vulnerability submissions. The firm’s chief information security officer (CISO) Anthony Moisant said: “At Indeed, job seekers and employers alike trust us to protect their information. As we continue rapid growth and product development, we all know that bad actors continue advancing their tactics.

“By engaging Bugcrowd researchers in this Bug Bash, we’re partnering with good actors to help spot – and fix – vulnerabilities to help people get jobs securely.”

“We are excited about this latest Bug Bash because working in teams showcases the power of human ingenuity, and we want to congratulate Indeed on being a security-first company looking to further ensure their digital assets are secure,” said Ashish Gupta, Bugcrowd CEO.

See also  We've got good and unhealthy information about that video of the robotic canine firing a gun

“With the sprawling digitisation of information and assets, and the resulting increase in cyber threats, business leaders need to adopt continuous testing practices that align with their continuous innovation.”

Source link

13.7m bounties bug doles Microsoft
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Microsoft Surface Laptop Go 3 review

October 26, 2023

Microsoft Surface Laptop Studio 2 review

October 13, 2023

ChatGPT Opened a New Era in Search. Microsoft Could Ruin It

March 27, 2023

Microsoft names lead independent director; startup vet Rebecca Lovell joins Greater Seattle Partners – Startup

March 15, 2023
Add A Comment

Comments are closed.

Editors Picks

As corporations calculate cyber threat, the proper knowledge makes an enormous distinction

July 22, 2022

Dead by Daylight dating sim Hooked on You is now available

August 4, 2022

New PS5 update rolling out with 1440p support, gamelists, and UX improvements

September 7, 2022

PlayStation calls Xbox’s Call of Duty agreement “inadequate”

September 7, 2022

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

Elementor #32036

The Redmi Note 13 is a bigger downgrade compared to the 5G model than you might think

Xiaomi Redmi Watch 4 is a budget smartwatch with a premium look and feel

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2025 behindthescreen.uk - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.