Black Hat

Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards

Security researchers are a vital component of the cybersecurity ecosystem that safeguards every facet of digital life and commerce. The researchers who devote time to uncovering and reporting security issues before adversaries can exploit them have earned our collective respect and gratitude. The security landscape is constantly changing with emerging technology and new threats. By …

Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards Read More »

Microsoft Announces Top Three Contributing Partners in the Microsoft Active Protections Program (MAPP)

Today Microsoft announced the MAPP program Top Vulnerability Contributors, Top Threat Indicator Submitters, and Top Zero-Day Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through cooperation and collaboration with industry leading partners. While all MAPP partners have made a significant …

Microsoft Announces Top Three Contributing Partners in the Microsoft Active Protections Program (MAPP) Read More »

Corporate IoT – a path to intrusion

Several sources estimate that by the year 2020 some 50 billion IoT devices will be deployed worldwide. IoT devices are purposefully designed to connect to a network and many are simply connected to the internet with little management or oversight. Such devices still must be identifiable, maintained, and monitored by security teams, especially in large …

Corporate IoT – a path to intrusion Read More »

Microsoft’s Top 100 Security Researchers – Black Hat 2018 Edition

This morning we are excited to unveil the security researcher leaderboard at the Black Hat Security Conference.  This list recognizes the top security researchers who have contributed research to the Microsoft products and services.  If you are curious on how we build the list, check out our blog from last week on The Making of …

Microsoft’s Top 100 Security Researchers – Black Hat 2018 Edition Read More »

Preparing for Live Pwnage: Mitigation Bypass Bounty Machine Specs for Black Hat

With about one week to go before we all gather at Black Hat in Las Vegas, we’re getting inquiries about precisely how the promised Live Mitigation Bypass Bounty judging at Black Hat will work. For most of the world, it works best when you get a good spot at the Microsoft booth (#301) around noon …

Preparing for Live Pwnage: Mitigation Bypass Bounty Machine Specs for Black Hat Read More »

New Bounty Programs – One Week In

Two weeks ago, Microsoft made an important evolutionary step in our work with the security community when we announced our first-ever bounty programs for security issues. One week ago, the Windows 8.1 Preview and Internet Explorer 11 Preview became available for download, and the doors officially opened for bounty-eligible submissions to secure [at] Microsoft [dot] …

New Bounty Programs – One Week In Read More »

MAPP – An Insider’s view

Intro Matt Watchinski here, Senior Director, Sourcefire Vulnerability Research Team (VRT). It’s that time of year again. The mercury is soaring above 100F, and I am crammed onto a “flying bus” heading out to Las Vegas to attend this year’s iteration of the Black Hat and DEF CON conferences. Something about this tradition always leads …

MAPP – An Insider’s view Read More »

May You Live in Interesting Times

Handle:StoneZ IRL: Adrian Stone Rank: Senior Security Program Manager Lead Likes: Predictive Analytics, Game Theory, Databases, Sports Cars, NFL Football, Direct People Dislikes: Losing, Liars, Posers, No Talent Clowns It was two years ago at Black Hat that my colleague Katie Moussouris announced the launch of the Microsoft Vulnerability Research (MSVR) program. Shortly thereafter I …

May You Live in Interesting Times Read More »