Technology
Microsoft offers additional 30% bounty on top of $20,000 in bug bounty program
Microsoft is planning to expand the bounty and is willing to pay a higher bounty for vulnerabilities with serious security implications for customers. Microsoft recently announced the Dynamics 365 and Power Platform Bounty Program and the M365 Bounty Program.
Join tip3x on Telegram
On top of the existing bounty of up to $20,000, an additional 30% bounty will be added according to the vulnerability level, which is $26,000.” Through these new scenario-based bounties, we encourage researchers to focus their research on vulnerabilities with the greatest potential impact on customer privacy and security,” the Microsoft Security Response Center (MSRC) announcement reads.
A week ago, Microsoft announced that it would add Exchange, SharePoint, and Skype for Business within the enterprise to its bug bounty program. Security researchers can now find and report vulnerabilities affecting Exchange and SharePoint servers within an enterprise for a bounty of $500 to $26,000.
Furthermore, Bounty hunter researchers can earn higher rewards based on the severity multiplier (between 15% and 30%) of the vulnerability’s impact, the MSRC team said.