More

    Microsoft Teams launches Bug Bounty Program to offer upto $30K for vulnerabilities

     

    Microsoft has launched a bug bounty program for 365 applications, with its video-conferencing software Teams being the only target for now. This move was made because of the rising popularity of Microsoft Teams in the ‘work from home’ period. The company under its Bug Bounty Program will pay out bounty payments between $500 and $30,000 for valid security vulnerabilities.

    What comes under the Bug Bounty Program?

    The Microsoft Teams desktop client is the first that comes under the company’s new Bug Bounty Program. However, it does not comprise Microsoft Teams’ native mobile apps for Android and Apple iOS as well as for desktop browsers. As of now it only covers:

    • Scenario-Based Bounty Awards: Under this comes 5 scenario-based awards for vulnerabilities that may have the highest probable impact on client privacy and security. Rewards for this range from $6,000 to $30,000.
    • General Bounty Awards: The company will also be offering additional bounties for reports that do not qualify for scenario-based awards. Rewards for this range from $500 to $15,000.
    • Teams Online: Other submissions for Microsoft Teams online services will proceed under the Bug Bounty Program.
    • Researcher Recognition Program Points: The credible reports will now be eligible for a 2x bonus multiplier under the Researcher Recognition Program. Points received under this are evaluated and are recorded in Microsoft Security Response Center’s (MSRC) Most Valuable Security Researcher list.

    “Partnering with the security research community is an important part of Microsoft’s holistic approach to defending against security threats. As much of the world has shifted to working from home in the last year, Microsoft Teams has enabled people to stay connected, organized, and collaborate remotely,” said MSRC program manager Lynn Miyashita. Miyashita also added: “Microsoft and security researchers across the planet continue to partner to help secure customers and the technologies we use for remote collaboration.”

    Microsoft as of now hasn’t indicated when other Microsoft 365 applications, such as PowerPoint, Outlook, and OneDrive would be taken under the Bug Bounty Program. Microsoft Teams also announced a rise of 50% with around 115 million day-to-day active users in the six months after Covid-19 was declared a pandemic.

    Recent Articles

    Microsoft Teams launches Bug Bounty Program to offer upto $30K for vulnerabilities

      Microsoft has launched a bug bounty program for 365 applications, with its video-conferencing software Teams being the only target for now. This move was...

    Weekly Newsletter (21st Mar’ 21 to 27th Mar’ 21)

      Here’s the Weekly Newsletter from 7th February’ 2021 to 13th February’ 2021: 1. Microsoft and Bug Bounty Switzerland collaborate to launch first Swiss Bug Bounty...

    Report claims that 96% believe RPA is critical for digital transformation

      According to a report by Blue Prism, an RPA company located in the UK, 96% of decision-makers in India speculate that robotic process automation...

    TestProject Reveals Next-Gen Release for Appium and Selenium Test Automation

      Tricentis, the global leader in enterprise continuous testing, announced on 17th March that TestProject, a Tricentis community offering, has unveiled its next-generation release (v2.0)....

    Bug Bounty Hunter scoops $25,000 for GitHub Actions secret thefts report

      On March 17, Teddy Katz, a bug bounty hunter, and Google employee announced in a write-up about a GitHub vulnerability which the hunter discovered...

    Related Stories

    Stay on op - Ge the daily news in your inbox