Security Research

Announcing the Microsoft Dynamics 365 Bounty program

One of Microsoft’s many security investments to protect customers is in the partnerships we build with the external security research community. We are excited to announce the launch of the Dynamics 365 Bounty program and welcome researchers to seek out and disclose any high impact vulnerabilities they may find in Dynamics 365. Rewards up to …

Announcing the Microsoft Dynamics 365 Bounty program Read More »

BlueHat v14 is almost here

It’s that time of year and BlueHat v14 is almost upon us. As always, BlueHat is an opportunity for us to bring the brightest minds in security together, both internal and external, to discuss and tackle some of the hardest problems facing the industry today. Through this conference, our engineering teams get deep technical information …

BlueHat v14 is almost here Read More »

Filling A Gap In the Vulnerability Market – First Bounty Notification

When Microsoft decided to offer not one but three new bounties, paying outside researchers directly for security research on some of our latest products, we put a lot of thought into developing those bounty programs. We developed a customized set of programs designed to create a win-win between the security researcher community and Microsoft’s customers, …

Filling A Gap In the Vulnerability Market – First Bounty Notification Read More »

New Bounty Programs – One Week In

Two weeks ago, Microsoft made an important evolutionary step in our work with the security community when we announced our first-ever bounty programs for security issues. One week ago, the Windows 8.1 Preview and Internet Explorer 11 Preview became available for download, and the doors officially opened for bounty-eligible submissions to secure [at] Microsoft [dot] …

New Bounty Programs – One Week In Read More »

BlueHat Prize entries: The final tally is…

Handle:k8e IRL: Katie Moussouris Rank: Senior Security Strategist Lead, Head of Microsoft’s Security Community and Strategy Team Likes: Cool vulns, BlueHat, soldering irons, quantum teleportation Dislikes: Rudeness, socks-n-sandals, licorice The entries are in! After a last-minute wave of fresh entries to the first-ever BlueHat Prize, the final count for this year’s contest stands at twenty …

BlueHat Prize entries: The final tally is… Read More »

Peace Games – BlueHat Prize Update and Countdown

Handle:k8e IRL: Katie Moussouris Rank: Senior Security Strategist Lead, Head of Microsoft’s Security Community and Strategy Team Likes: Cool vulns, BlueHat, soldering irons, quantum teleportation Dislikes: Rudeness, socks-n-sandals, licorice In the film WarGames, an artificial intelligence program named Joshua asked the main character, a teenage hacker, the now famous question, “Shall we play a game?” …

Peace Games – BlueHat Prize Update and Countdown Read More »

From Bounties to the BlueHat Prize – Evolutionary Thinking in Valuing Security Research

Handle:k8e IRL: Katie Moussouris Rank: Senior Security Strategist Lead, Head of Microsoft’s Security Community and Strategy Team Likes: Cool vulns, BlueHat, soldering irons, quantum teleportation Dislikes: Rudeness, socks-n-sandals, licorice Today on the MSRC blog, Matt Thomlinson announced the BlueHat Prize, the first and largest incentive prize Microsoft has ever offered to seek out and reward …

From Bounties to the BlueHat Prize – Evolutionary Thinking in Valuing Security Research Read More »

Hack.lu: Why it’s all about building bridges

Handle:Cluster IRL: Maarten Van Horenbeeck Rank: Senior Program Manager Likes: Slicing covert channels, foraging in remote memory pools, and setting off page faults Dislikes: The crackling sound of crypto breaking, warm vodka martni “We want to remain what we are” (“Mir wëlle bleiwe wat mir sinn”) is the national motto of the Grand Duchy of …

Hack.lu: Why it’s all about building bridges Read More »