To enhance the safety of its Azure cloud computing service, Microsoft is launching a brand new lab in addition to growing bug bounty rewards.
At this yr’s Black Hat USA safety convention, the corporate unveiled its new Azure Safety Lab which is made up of a set of devoted cloud hosts that safety professionals invited by the software program big will have the ability to use to check for vulnerabilities and exploits in Azure.
As a way to forestall hacking makes an attempt and assessments from disrupting Azure’s daily operations, the lab is remoted from the principle Azure framework. Moreover, Microsoft’s personal inside safety group will likely be out there to work with researchers on their findings.
The corporate defined the advantages of isolating its new lab from Azure in an announcement, saying:
“The isolation of the Azure Safety Lab permits us to supply one thing new: researchers can’t solely analysis vulnerabilities in Azure, they will try to take advantage of them. These with entry to the Azure Safety Lab might try the scenario-based challenges with high awards of $300,000.”
Along with launching Azure Safety Lab, Microsoft can also be altering how the standard Azure bug bounty program works.
Over the previous 12 months, the corporate has awarded over $4.4m in bug bounty rewards and from at present, safety researchers will have the ability to earn as much as $40,000 for sever Azure vulnerability studies.
These in search of even larger payouts must look no additional than the Microsoft Mitigation Bypass Bounty and the Bounty for Protection Applications the place researchers can earn as much as $100,000 for mitigation bypass studies and different extreme vulnerabilities.
Microsoft has additionally now laid out Protected Harbor ideas for safety researchers the place they will establish and report vulnerabilities and different safety points with out the worry of authorized repercussions.