Microsoft launched its new Azure Security Lab during the Black Hat conference in Las Vegas. This is intended to strengthen the security of the company’s public cloud service.
Azure Security Lab is an isolated set of cloud hosts designed to be tested by security professionals, writes Silicon Angle. The lab is isolated, to ensure that people who have been invited to secretly test Azure aggressively do not disrupt the service.
The isolation of the Azure Security Lab allows us to offer something new: researchers can not only investigate vulnerabilities in Azure, but also try to exploit them, according to the company. Approved applicants will have access to quarterly campaigns for targeted scenarios with additional incentives, as well as regular recognition and exclusive swag.
The results of the tests are analyzed by Microsoft’s own security researchers as well as the invited security professionals. The company encourages these professionals to come and do the worst they can to ensure that vulnerabilities in Azure are searched for everywhere.
Microsoft is already accepting requests from security researchers who now want to test Azure. A large reward is paid for this. Researchers who can break the security challenges can make a maximum of $300,000 from this. In addition, the rewards for Azure’s traditional bug bounty program will be increased. These go from $20,000 to $40,000. The company claims to have paid out $4.4 million in rewards over the past twelve months, compared to $2 million a year earlier.
The idea behind such bug bounties is that outsiders can check security systems for vulnerabilities and other errors, which can put a company’s assets and user data at risk. The errors can then be tackled without damaging the company.
Finally, the company says it now accepts Safe Harbor principles. This means that security researchers can identify and report vulnerabilities in Microsoft’s systems without fear of major consequences.This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.