Get All Access for $5/mo

Windows Bounty Program Offers Up to $250,000 Per Bug In a bid to make Windows 10 and Windows Server more secure, Microsoft turns to the wider security community and tempts them with very healthy cash rewards.

By Matthew Humphries

This story originally appeared on PCMag

Microsoft via PC Mag

Bug bounty programs are a very efficient way of getting the wider security community involved in helping to protect a piece of software. In return for spending time trying to break through the security of any given system, you can earn some cash and a little bit of fame.

This week, Microsoft announced the Windows Bounty Program, challenging "friends, hackers and researchers" to break into any and all parts of Windows 10 and Windows Server.

Microsoft isn't new to the bug bounty game. Mitigation Bypass Bounty and Bounty for Defense programs have been running since 2013, and a Microsoft Edge bounty has been in place since August 2016. The latest bounties are really more of an expansion of what's already in place and includes the Windows Insider Preview, Windows Defender Application Guard and Microsoft Hyper-V.

Rewards range anywhere from $500 right up to $250,000 for the most serious Hyper-V bugs. Hyper-V is Microsoft's solution for running virtual machines and helps power the Azure cloud computing service, so you can see why Microsoft would like to identify and fix any vulnerabilities there quickly. In order to earn $250,000 you need to identify a vulnerability that qualifies as Remote Code Execution, Information Disclosure or a Denial of Service.

A nice additional feature of this bounty program is the 10 percent reward. If a bug is reported that Microsoft already discovered internally, the first finder will still receive 10 percent of the qualifying reward. So if they found a vulnerability worth $250,000, which Microsoft already knows about internally, they'll still receive $25,000.

Taken as a whole, Microsoft is clearly very keen to ensure its core products of Windows 10, Windows Server, the Edge browser and Windows Defender are as secure as possible. And with the rate at which new threats appear, it would be almost impossible to keep up relying solely on an internal security team at Microsoft.

Matthew Humphries

Senior Editor

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Business Process

How CEOs Can Take Control of Their Emails and Achieve Inbox Zero

Although there are many methodologies that leaders can use to manage their emails effectively, a consistent and thought-through process is the most effective way to systemize and respond to emails and is a step of stewardship for the effective leader.

Science & Technology

5 Automation Strategies Every Small Business Should Follow

It's time we make IT automation work for us: streamline processes, boost efficiency and drive growth with the right tools and strategy.

Business News

Former Steve Jobs Intern Says This Is How He Would Have Approached AI

The former intern is now the CEO of AI and data company DataStax.

Side Hustle

'Hustling Every Day': These Friends Started a Side Hustle With $2,500 Each — It 'Snowballed' to Over $500,000 and Became a Multimillion-Dollar Brand

Paris Emily Nicholson and Saskia Teje Jenkins had a 2020 brainstorm session that led to a lucrative business.

Marketing

5 Critical Mistakes to Avoid When Giving a Presentation

Are you tired of enduring dull presentations? Over the years, I have compiled a list of common presentation mistakes and how to avoid them. Here are my top five tips.