August 6, 2024 at 06:12AM
Microsoft announced that it paid out $16.6 million through its bug bounty programs over the past year, an increase from the previous annual average of $13 million. They rewarded 343 researchers from 55 countries for over 1,300 eligible reports, with the largest single reward being $200,000. Microsoft plans to continue improving its bug bounty programs.
From the meeting notes, the key takeaways are:
– Microsoft has paid out approximately $16.6 million in bug bounties in the past year, bringing the total paid out since 2018 to $75.5 million.
– The company rewarded 343 researchers from 55 countries for over 1,300 vulnerability reports, with the largest single reward being $200,000.
– Microsoft’s bug bounty programs cover various products and services, including Azure, Microsoft 365, Windows, Power Platform, Dynamics 365, Edge, and Xbox.
– In the past year, Microsoft introduced several new bounty programs and research grants focusing on Dataverse integrations.
– The company has committed to improving its bug bounty programs based on researcher feedback.
– Microsoft also announced the new MSRC Researcher Resource Center, providing resources for security researchers.
Is there anything else I can assist you with based on these meeting notes?