Microsoft has increased the rewards and expanded the scope of its .NET bug bounty program, now offering up to $40,000 for critical vulnerabilities to encourage security research. These updates are part of Microsoft’s broader Secure Future Initiative aimed at strengthening cybersecurity, especially after critical reports on security culture. #ResearcherIncentives #ZeroDayQuest
Keypoints
- Microsoft has expanded its .NET bug bounty program to include all supported versions and related technologies.
- Rewards for critical vulnerabilities now reach up to $40,000, with additional payouts for different severity levels.
- The program’s scope now covers .NET framework vulnerabilities, ASP.NET Core, F#, and related GitHub repositories.
- Earlier initiatives included raising AI vulnerability payouts and launching the Zero Day Quest hacking event.
- These efforts are part of the company’s response to a DHS report calling for a cybersecurity culture overhaul.