Microsoft announced today the launch of a new IoT-focused research program with awards of up to $100,000 for vulnerabilities found by security researchers in the Azure Sphere IoT security solution.

The new research challenge, dubbed Azure Sphere Security Research Challenge, is an expansion to the Azure Security Lab bounty program announced by Microsoft last year at Black Hat 2019.

Azure Security Lab’s first phase was announced on August 5, 2019, and it included a sandbox-like environment that allowed security researchers to test Azure’s security, featured an increase in Azure bug bounty rewards, as well as new scenario-based challenge rewards.

We are excited to announce a new IoT-focused research program, the Azure Sphere Security Research Challenge, with awards up to $100,000 USD! Deadline to apply is May 15, check out the blog post for more information: https://t.co/YGqcSqh6fy

With the Azure Sphere Security Research Challenge announcement, Redmond added to the incentives, support resources. and coordination framework to make Coordinated Vulnerability Disclosure (CVD) easier for researchers and to encourage further Azure Sphere research.

Microsoft will award bounties of up to $100,000 during this new research challenge to researchers who can demonstrate their ability to execute code on the Microsoft Pluton security subsystem or the Azure Sphere application platform’s Secure World.

Participants enrolled in Microsoft’s Azure Sphere Security Research Challenge will also have access to resources that will support them in their research, including:

• New bounties for Azure Sphere, up to $100K
• Access to Azure Sphere development kit
• Access to Microsoft products and services for research purposes  
• Azure Sphere product documentation 
• Direct communication channels with the Microsoft team 

“This research challenge is focused on the Azure Sphere OS,” Microsoft explained. “Vulnerabilities found outside the research challenge scope, including the Cloud portion, may be eligible for the public Azure Bounty Program awards.

Also, “[p]hysical attacks are out of scope for this research challenge and the public Azure Bounty Program.”

To apply for this three-month application-only security research challenge, you will have to submit your application here before May 15, 2020, with the challenge to run between June 1, 2020, through August 31, 2020.

Source: https://www.bleepingcomputer.com/news/security/microsoft-launches-iot-focused-bounty-program-with-100k-awards/

World news – GB – Microsoft launches IoT-focused bounty program with $100K awards

En s’appuyant sur ses expertises dans les domaines du digital, des technologies et des process , CSS Engineering vous accompagne dans vos chantiers de transformation les plus ambitieux et vous aide à faire émerger de nouvelles idées, de nouvelles offres, de nouveaux modes de collaboration, de nouvelles manières de produire et de vendre.

CSS Engineering s’implique dans les projets de chaque client comme si c’était les siens. Nous croyons qu’une société de conseil devrait être plus que d’un conseiller. Nous nous mettons à la place de nos clients, pour aligner nos incitations à leurs objectifs, et collaborer pour débloquer le plein potentiel de leur entreprise. Cela établit des relations profondes et agréables.

Nos services:

  1. Création des sites web professionnels
  2. Hébergement web haute performance et illimité
  3. Vente et installation des caméras de vidéo surveillance
  4. Vente et installation des système de sécurité et d’alarme
  5. E-Marketing

Toutes nos réalisations ici https://www.css-engineering.com/en/works/

LEAVE A REPLY

Please enter your comment!
Please enter your name here