Microsoft's Spartan vulnerability scanner
Microsoft did not reinvent the wheel and returned to the practice already tested during the development of Internet Explorer: to increase the security level of the new Spartan browser, the company launches the Bug Bounty program , a reward program for reporting bugs and vulnerabilities. The Spartan browser will replace Internet Explorer in the new Windows 10 operating system, which is planned to be released this summer.
Microsoft is ready to pay up to $ 15,000 for each vulnerability found in the new browser. For example, $ 6,000 can be obtained for reporting about the possibility of remote execution of malicious code, but in order to raise the reward limit, you also need to write an example of a program using this vulnerability.
Full table of rewards.
Microsoft may increase payouts at its discretion depending on the complexity of the vulnerability found.
')
The conditions for participation in the Bug Bounty Program are quite simple. You must:
The vulnerability scan program is valid until June 22, 2015. In order to get money for a successfully found bug, you will need to provide information about yourself via email at secure@microsoft.com . Microsoft has no preconceptions about the qualifications of testers, anyone can report a vulnerability and be rewarded. Representatives from Microsoft explain that when duplicate reports appear, the user who receives the first vulnerability will receive the money.
Via softpedia
Microsoft is ready to pay up to $ 15,000 for each vulnerability found in the new browser. For example, $ 6,000 can be obtained for reporting about the possibility of remote execution of malicious code, but in order to raise the reward limit, you also need to write an example of a program using this vulnerability.
Full table of rewards.
Microsoft may increase payouts at its discretion depending on the complexity of the vulnerability found.
')
The conditions for participation in the Bug Bounty Program are quite simple. You must:
- Be over 14 years old or have parents / guardians permission to participate in the program;
- Do not represent information security organizations;
- If you are an employee of such an organization, then within the program you must act as an individual;
- The employer must be notified of your participation in the program;
- Not to be a resident of the state included in the sanctions list of the United States (Syria, Iran, Cuba, Sudan, North Korea);
- Not a Microsoft employee.
The vulnerability scan program is valid until June 22, 2015. In order to get money for a successfully found bug, you will need to provide information about yourself via email at secure@microsoft.com . Microsoft has no preconceptions about the qualifications of testers, anyone can report a vulnerability and be rewarded. Representatives from Microsoft explain that when duplicate reports appear, the user who receives the first vulnerability will receive the money.
Via softpedia
Source: https://habr.com/ru/post/374975/
All Articles