The Internet of Things platform Azure Sphere, rolled out earlier this year, has been designated by Microsoft as the new project of Azure Security Lab. The tech giant offers a 100.000 dollar reward for the hacker who manages to run his own code on Azure Pluton or Azure Secure World.p
In 2019, Microsoft announced new rewards for security researchers who could find vulnerabilities. The largest amount ever paid out was 40.000 dollars (37.000 euros). Since Azure Sphere is Microsoft’s new major project, the tech giant wants to test the security thoroughly and, if necessary, fix the vulnerabilities.
According to Microsoft, it is only sensible that it is actively trying to bypass its own security, and that it is better to do this in a secure environment. Their motto ‘Before the bad guys do it’ is the reason why Microsoft calls in researchers from cybersecurity firms and independent hackers.
Interested parties can register (it is therefore not wholly anonymous) after which Microsoft examines and assesses the applications. Accepted candidates will have access to a range of services and will be in direct contact with the Microsoft team. The hackers will then have three months (from June 1st to August 31st) to hunt for vulnerabilities. Anyone who manages to run code on Secure World (a secure environment for only Microsoft supplied code) or Pluton (a security module in a hardware chip) will receive the 100.000 dollar reward. Microsoft has also drawn up a list of other vulnerabilities, but the rewards for finding them are not as lucrative.