Microsoft launches Online Services Bug Bounty Program, includes Office 365 with rewards starting at $500

Microsoft today launched the Microsoft Online Services Bug Bounty Program, offering security researchers rewards for submitted vulnerabilities. The program encompasses the various Online Services provided by Microsoft, and bounties for qualified submissions start at a minimum payment of $500, with more offered depending on the impact of the vulnerability. Eligible submissions include vulnerabilities of the following types: Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), unauthorized cross-tenant data tampering or access (for multi-tenant services), Insecure direct object references, injection flaws, authentication flaws, server-side code execution, privilege escalation, significant security misconfiguration. That being said, as with any such program, bounties...


This story continues at The Next Web


The post Microsoft launches Online Services Bug Bounty Program, includes Office 365 with rewards starting at $500 appeared first on The Next Web.






from The Next Web http://ift.tt/1rmagkO

via IFTTT

0 Kommentare:

Kommentar posten