Azure Sphere

Calling for security research in Azure Sphere, now generally available

Today, Microsoft released Azure Sphere into General Availability (GA).

Azure Sphere’s mission is to empower every organization on the planet to connect and create secured and trustworthy IoT devices. Azure Sphere is an end-to-end solution for securely connecting existing equipment and for creating new IoT devices with built-in security. The solution includes hardware, OS, and a cloud service, as well as ongoing security and OS updates to help ensure devices remain secured as threats evolve over time.

For innovation to deliver durable value, it must be built on a foundation of security. Security researchers continue to play an integral role in securing billions of customers by discovering and reporting vulnerabilities to Microsoft through Coordinated Vulnerability Disclosure (CVD). With general availability of Azure Sphere, we invite researchers from across the globe to research for high impact vulnerabilities in Azure Sphere as a part of our Microsoft Azure Bounty Program. Qualified submissions are eligible for awards up to US$40,000.

If you are interested in security research in IoT, please sign-up HERE to receive related program information. We look forward to sharing more program updates in the coming months!

To learn more about Azure Sphere, visit the general availability announcement blog and the Azure Sphere website.

Sylvie Liu, Security Program Manager, Microsoft Security Response Center