Security News > 2020 > May > Microsoft Shells Out $100K for IoT Security
Microsoft has launched a bug-bounty program for its Azure Sphere offering, which is a security suite for the internet of things that encompasses hardware, OS and cloud elements.
Microsoft is offering various resources to program participants, including the Azure Sphere development kit; product documentation; direct communication channels with the Microsoft team; and other Microsoft products and services if needed.
"Microsoft recognizes security is not a one-and-done event," wrote Sylvie Liu, security program manager at the Microsoft Security Response Center, in announcing the challenge this week.
Microsoft continues to roll out bug-bounty programs.
Last year, the computing giant released a program designed to sniff out flaws in Azure DevOps; kicked off a program with payouts as high as $100,000 for holes in identity services and implementations of the OpenID standard, Microsoft Account and Azure Active Directory; and in the wake of the Meltdown and Spectre flaws, Microsoft started a new bug bounty program targeting speculative execution side-channel vulnerabilities that offered up to $250,000 for identifying new categories of speculative execution attacks that Microsoft and other industry partners are not yet aware of.
News URL
https://threatpost.com/microsoft-100k-iot-security-azure-sphere/155517/
Related news
- Security? We've heard of it: How Microsoft plans to better defend Windows (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
- FCC Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance (source)
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)