Microsoft has announced the launch of a new Bug Bounty program called “Microsoft Identity Bounty Program” and offers rewards ranging from $ 500 to $ 100,000 dollars for anyone who can find vulnerabilities in their “identity service.”
As Microsoft explains on its official website, in a context in which we live today, where collaborative communications require the use of identifying systems and the use of data to identify and access different domains, the digital identity of a user in the Internet is the key to accessing and interacting with almost everything.
The goal of the program is to reward those works that are a faithful reflection of the research behind the detected vulnerability. In that sense, Microsoft expects that enrolled researchers will be able to share their knowledge with Microsoft engineers and developers, and that Microsoft engineers and developers can quickly understand and replicate the discovery of the participant.
Higher payouts will be granted depending on the quality of the report submitted and the impact of the vulnerability found. On the other hand, smaller payments will generally be granted for vulnerabilities that require a lot of user interaction.
For more information, visit the official Microsoft