Microsoft Teams launches Bug Bounty Program to offer upto $30K for vulnerabilities


    Microsoft has launched a bug bounty program for 365 applications, with its video-conferencing software Teams being the only target for now. This move was made because of the rising popularity of Microsoft Teams in the ‘work from home’ period. The company under its Bug Bounty Program will pay out bounty payments between $500 and $30,000 for valid security vulnerabilities.

    What comes under the Bug Bounty Program?

    The Microsoft Teams desktop client is the first that comes under the company’s new Bug Bounty Program. However, it does not comprise Microsoft Teams’ native mobile apps for Android and Apple iOS as well as for desktop browsers. As of now it only covers:

    • Scenario-Based Bounty Awards: Under this comes 5 scenario-based awards for vulnerabilities that may have the highest probable impact on client privacy and security. Rewards for this range from $6,000 to $30,000.
    • General Bounty Awards: The company will also be offering additional bounties for reports that do not qualify for scenario-based awards. Rewards for this range from $500 to $15,000.
    • Teams Online: Other submissions for Microsoft Teams online services will proceed under the Bug Bounty Program.
    • Researcher Recognition Program Points: The credible reports will now be eligible for a 2x bonus multiplier under the Researcher Recognition Program. Points received under this are evaluated and are recorded in Microsoft Security Response Center’s (MSRC) Most Valuable Security Researcher list.

    “Partnering with the security research community is an important part of Microsoft’s holistic approach to defending against security threats. As much of the world has shifted to working from home in the last year, Microsoft Teams has enabled people to stay connected, organized, and collaborate remotely,” said MSRC program manager Lynn Miyashita. Miyashita also added: “Microsoft and security researchers across the planet continue to partner to help secure customers and the technologies we use for remote collaboration.”

    Microsoft as of now hasn’t indicated when other Microsoft 365 applications, such as PowerPoint, Outlook, and OneDrive would be taken under the Bug Bounty Program. Microsoft Teams also announced a rise of 50% with around 115 million day-to-day active users in the six months after Covid-19 was declared a pandemic.

    Recent Articles

    Applitools partners with Sogeti on 2021 State of Artificial Intelligence applied to Quality Engineering Report

      Applitools, a developer of next-generation test automation platforms such as Ultrafast Test Cloud and Visual AI, announced on the 26th of July that it...

    Trending in Testing Weekly Newsletter #4

      We are excited to present the 4th edition of “Trending in Testing” Weekly Newsletter. Here are the latest updates: Trending News: 1. Robotic Process Automation (RPA)...

    8 Great Resources to learn Testing and Automation in 2021

      One of the important stages in the development of the software process is software testing. There are hundreds of tools out there in the...

    Cypress 8.0.0 released with New Features and Bugfixes recently released Cypress 8.0.0 version, the new version comes with numerous bug fixes and new features. With the new version, all browsers will...

    Robotic Process Automation (RPA) Developer Career Path – Are you Ready to Begin?

      Are you interested in becoming a Robotic Process Automation (RPA) Developer? You might be asking yourself, “What is RPA?”, and that’s a perfectly valid question....

    Related Stories

    Stay on op - Ge the daily news in your inbox