One of Microsoft’s many security investments to protect customers is in the partnerships we build with the external security research community. We are excited to announce the launch of the Dynamics 365 Bounty program and welcome researchers to seek out and disclose any high impact vulnerabilities they may find in Dynamics 365. Rewards up to US$20,000 are available for eligible vulnerabilities in both Dynamics 365 online services and the latest release of Dynamics 365 on-premises.
With the launch of the Dynamics 365 bounty we’ve also updated the main Microsoft Bounty Program page. We’ve simplified the high-level requirements for all our programs, added additional links and resources, and grouped our programs into three categories:
- Cloud Programs, like Azure DevOps and Dynamics 365
- Platform Programs, like Windows Insider Preview and Hyper-V
- Defense Programs, like the Mitigation Bypass and Bounty for Defense
Microsoft is committed to strengthening our partnership with the security research community, and I look forward to sharing more bounty updates and improvements in the coming months.
Jarek Stanley, Senior Program Manager, MSRC