Security researchers play an essential role in Microsoft’s security strategy and are key to community-based defense. To show our appreciation for their hard work and partnership, each year at BlackHat North America, the Microsoft Security Response Center highlights contributions of these researchers through the list of “Top 100” security researchers reporting to Microsoft.
This list ranks security researchers reporting directly to Microsoft according to the quantity and quality of all reports for which we’ve issued fixes. While one criteria for the ranking is volume of reports a researcher has made, the severity and impact of the reports is very important to the ranking. Higher-impact issues carry more weight than lower-impact ones. While this list does not include security researchers who report to our partners ZDI and iDefense as we do not always have full information to recognize their efforts, we very much appreciate the partnership with ZDI and iDefense as they ensure that we know about any reports affecting Microsoft products.
Given the number of individuals reporting to Microsoft, anyone ranked among the Top 100 is among some of the top talent in the industry. Regardless of where security researchers are ranked in this list, we appreciate their active and ongoing participation with the Microsoft Security Response Center, and encourage new researchers to report potential vulnerabilities to us at firstname.lastname@example.org. We’re excited to see who’s going to be on the list next year.