Microsoft launches Identity Bounty program

Microsoft launches Identity Bounty program

Modern security depends today on collaborative communication of identities and identity data within and across domains.  A customer’s digital identity is often the key to accessing services and interacting across the internet.  Microsoft has invested heavily in the security and privacy of both our consumer (Microsoft Account) and enterprise (Azure Active Directory) identity solutions.  We have strongly invested in the creation, implementation, and improvement of identity-related specifications that foster strong authentication, secure sign-on, sessions, API security, and other critical infrastructure tasks, as part of the community of standards experts within official standards bodies such as IETF, W3C, or the OpenID Foundation.  In recognition of that strong commitment to our customer’s security we are launching the Microsoft Identity Bounty Program.

The Microsoft Identity Bounty Program places a premium on security research into this critical technology that powers both consumer and enterprise services.  Payouts range from $500 to $100,000.  If you are a security researcher and have discovered a security vulnerability in the Identity services, we appreciate your help in disclosing it to us privately and giving us an opportunity to fix it before publishing technical details.  Further in our commitment to the industry identity standards work that we have worked hard with the community to define, we are extending our bounty to cover those certified implementations of select OpenID standards.  More details and rules for the bounty program can be found here: https://aka.ms/idbounty.

Happy hunting!

Phillip Misner,

Principal Security Group Manager

Microsoft Security Response Center

 

Source: Microsoft launches Identity Bounty program

About KENNETH 19694 Articles
지락문화예술공작단

Be the first to comment

Leave a Reply

Your email address will not be published.


*


이 사이트는 스팸을 줄이는 아키스밋을 사용합니다. 댓글이 어떻게 처리되는지 알아보십시오.