Microsoft announces new hacking event ‘Zero Day Quest’ for security researchers; in-person event also held; bug bounties for AI-related issues doubled;
Microsoft has announced that it is open to all research questions to encourage researchers to discover high-impact vulnerabilities within its programs.
Zero Day Quest offers bug bounties to researchers who report defects in Microsoft AI, Azure, Identity, Dynamics 365, Power platform, and M365.
This challenge will run until January 19, 2025 and is subject to existing bounty program terms, safe harbor policies, and additional terms.
AI bugs are worth twice as much
Microsoft hopes this event will bring the security community together and encourage collaboration between researchers and engineers to keep everyone safe.
Alongside the online event, 45 top researchers (based on bounty award amount) will be invited to an all-expenses paid on-site zero-day quest event in Washington. The top 10 researchers from the 2024 Azure, Dynamics, and Office leaderboards will also be invited. .
AI has dominated security conversations over the last year, and Microsoft doubled its AI bounty to reflect growing concerns about AI security. Other bounty multipliers are also included, such as finding critical and severity remote code execution and privilege escalation flaws.
Security is a top priority at Microsoft, and we have embarked on a Secure Future initiative to ensure security above all else to protect our users and business.
“This new hacking event will be the largest of its kind, with the potential for an additional $4 million in prizes for research in high-impact areas, particularly cloud and AI,” Microsoft Security Response Center said. said Tom Gallagher, vice president of engineering.
“Zero Day Quest provides new opportunities for the security community to collaborate with Microsoft engineers and security researchers. We bring together the best knowledge in the security field to help our community share, learn, and keep everyone safe. , can be built.”
You may also like
