Security News > 2022 > August > Microsoft trumps Google for 2021-22 bug bounty payouts
Microsoft appears to have beat Google on the bug bounty front, with $13.7 million in rewards spread out over 335 researchers.
The biggest prize awarded by Microsoft was $200,000 under the Hyper-V Bounty Program and the average award was $12,000.
The Register contacted Microsoft to check that there had been no embarrassing whoopsies in the copy-paste department and will update should the software giant respond.
While bug bounty programs undoubtedly encourage the responsible disclosure of vulnerabilities, they also have their critics.
Microsoft Bug bounty: "Would you like to sell your bug to the government for $1m or give it to Microsoft for less than minimum wage" Web3 Bug bounty: "Would you like to report the bug in return for the content of this mystery box or steal literally all the money we have".
Microsoft has continued to tinker with its bug bounty program, with the addition of attack scenarios on Azure, Dynamics 365, and its Power Platform.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/08/12/microsoft_bug_bounty/
Related news
- Google paid $10 million in bug bounty rewards last year (source)
- How to optimize your bug bounty programs (source)
- Kaiser Permanente handed over 13.4M people's data to Microsoft, Google, others (source)
- Adobe Adds Firefly and Content Credentials to Bug Bounty Program (source)
- Microsoft, Google do a victory lap around passkeys (source)
- Microsoft, Google widen passkey support for its users (source)