Microsoft Debuts AI Bug-Bounty Program, Offers $15K

Microsoft Debuts AI Bug-Bounty Program, Offers $15K

October 13, 2023 at 01:26PM

Microsoft has introduced an AI bug-bounty program for researchers to identify vulnerabilities in its Bing generative AI chatbot and AI integrations. Rewards for eligible submissions range from $2,000 to $15,000. The program covers AI-powered Bing on bing.com, as well as integrations in Microsoft Edge, the Microsoft Start app, and Skype Mobile. Microsoft aims to uncover significant vulnerabilities impacting the security of its customers within the AI-powered “Bing experience.” More details can be found on Microsoft’s website.

Microsoft has launched an AI bug-bounty program to encourage researchers worldwide to find vulnerabilities within the Bing generative AI chatbot and AI integrations. The program offers rewards from $2,000 to $15,000 for qualified submissions. Eligible participants need to be at least 14 years old with permission from a legal guardian if they are a minor. They must also be individual researchers and not public sector employees. If a participant is a public sector employee, the bounty award must go to their organization and be signed by an attorney or executive responsible for its ethics policies. The scope of the bounty program covers AI-powered Bing on bing.com, AI-powered Bing integration in Microsoft Edge, AI-powered Bing integration in the Microsoft Start app, and AI-powered Bing integration in the Skype Mobile app. Any vulnerabilities found in these integrations are considered qualified for submission and can win a reward. The purpose of the program is to discover vulnerabilities that have a significant impact on the security of Microsoft’s customers within the AI-powered “Bing experience.” Researchers need to ensure that the vulnerability being submitted has not been previously reported, has critical or important severity according to the Microsoft Vulnerability Severity Classification for AI Systems, and is reproducible on the latest version of the product with clear steps for reproduction. For more information on how to get started, enter a submission, different types of vulnerabilities, potential winnings, research rules of engagement, and terms and conditions, please visit Microsoft’s website.

Full Article