Security Research

Updates to the Windows Insider Preview Bounty Program

Partnering with the research community is an important part of Microsoft’s holistic approach to defending against security threats. Bounty programs are one part of this partnership, designed to encourage and reward vulnerability research focused on the highest impact to customer security. The Windows Insider Preview (WIP) Bounty Program is a key program for Microsoft and …

Updates to the Windows Insider Preview Bounty Program Read More »

Machine Learning Security Evasion Competition 2020 Invites Researchers to Defend and Attack

Machine learning (ML) is an increasingly valuable tool in cyber security as adversaries continually evolve their tactics and techniques to evade detection. As machine learning has advanced and sophisticated ML models have been developed to assist security professionals in protecting the cloud, adversaries have been busy developing malware designed to evade ML models. To proactively …

Machine Learning Security Evasion Competition 2020 Invites Researchers to Defend and Attack Read More »

Azure Sphere

Azure Sphere Security Research Challenge Now Open

The Azure Sphere Security Research Challenge is an expansion of Azure Security Lab, announced at Black Hat in August 2019. At that time, a select group of talented researchers was invited to come and do their worst, emulating criminal hackers in a customer-safe cloud environment. This new research challenge aims to spark new high impact …

Azure Sphere Security Research Challenge Now Open Read More »

Announcing the Xbox Bounty program

Announcing the new Xbox Bounty. The Xbox bounty program invites gamers, security researchers, and technologists around the world to help identify security vulnerabilities in the Xbox network and services, and share them with the Microsoft Xbox team through Coordinated Vulnerability Disclosure (CVD).

Announcing the Microsoft Identity Research Project Grant

We are excited to announce the Microsoft Identity Research Project Grant a new opportunity in partnership with the security community to help protect Microsoft customers. This project grant awards up to $75,000 USD for approved research proposals that improve the security of the Microsoft Identity solutions in new ways for both Consumers (Microsoft Account) and Enterprise (Azure Active Directory).

Calling all breakers & builders: BlueHat Seattle registration is open!

Exciting changes are coming to BlueHat Seattle 2019! If you’d like to attend this premier security conference, we have good news for you: registration for BlueHat Seattle is now open and we hope you register.   Wait, isn’t BlueHat invitation-only? It is…but if we haven’t sent you an invitation, we encourage you to request a seat. Visit our registration site and tell us a little bit about yourself. We’re reviewing all application requests and will send a confirmation if you are selected.   The BlueHat conference team is creating an engaging two-day agenda to provide a …

Calling all breakers & builders: BlueHat Seattle registration is open! Read More »

Attacking the VM Worker Process

In the past year we invested a lot of time making Hyper-V research more accessible to everyone. Our first blog post, “First Steps in Hyper-V Research”, describes the tools and setup for debugging the hypervisor and examines the interesting attack surfaces of the virtualization stack components. We then published “Fuzzing para-virtualized devices in Hyper-V”, which …

Attacking the VM Worker Process Read More »