Vn-Z.vn November 23, 2023, Today Microsoft announced the launch of a new reward program for Microsoft Defender, with the main goal of encouraging security researchers to discover vulnerabilities in this software, The highest reward is up to 20,000 USD (more than 484 million VND).
According to Microsoft, Microsoft Defender is designed to enhance the safety experience of Microsoft customers, and the Microsoft Defender bounty program will invite security researchers globally to find vulnerabilities in this software. The new Defender vulnerability round will start with a "limited scope," focusing on the Microsoft Defender for Endpoint API and gradually expand to other Defender products over time.
Microsoft also said that vulnerabilities submitted by security experts must meet the following criteria to receive the reward:
Criteria for receiving rewards include:
1. Must be a newly discovered vulnerability, excluding vulnerabilities previously reported to Microsoft.
2. Correlated vulnerabilities need to be of a certain severity and reproducible on the latest and complete version of the product or service.
3. Security researchers need to provide clear, simple, and reproducible instructions, whether in text or video form.
The associated prize will range from $500 to $8000 depending on the severity of the vulnerability. For researchers who discover remote code execution vulnerabilities in Defender, rewards for this type of vulnerability will range from $5,000 to $20,000.
You can refer to more information at Microsoft Defender Bounty Program
According to Microsoft, Microsoft Defender is designed to enhance the safety experience of Microsoft customers, and the Microsoft Defender bounty program will invite security researchers globally to find vulnerabilities in this software. The new Defender vulnerability round will start with a "limited scope," focusing on the Microsoft Defender for Endpoint API and gradually expand to other Defender products over time.
Microsoft also said that vulnerabilities submitted by security experts must meet the following criteria to receive the reward:
Criteria for receiving rewards include:
1. Must be a newly discovered vulnerability, excluding vulnerabilities previously reported to Microsoft.
2. Correlated vulnerabilities need to be of a certain severity and reproducible on the latest and complete version of the product or service.
3. Security researchers need to provide clear, simple, and reproducible instructions, whether in text or video form.
The associated prize will range from $500 to $8000 depending on the severity of the vulnerability. For researchers who discover remote code execution vulnerabilities in Defender, rewards for this type of vulnerability will range from $5,000 to $20,000.
You can refer to more information at Microsoft Defender Bounty Program