Microsoft Awarded $13.6 Million To Security Researchers in the Past 12 Months (therecord.media) 9
Microsoft awarded $13.6 million to security researchers in the past 12 months, From a report: Microsoft said it awarded more than $13.6 million as monetary rewards to security researchers through its public bug bounty programs over the past 12 months. According to Microsoft:
The funds were awarded for 1,261 bugs reported by 341 security researchers across 17 bug bounty platforms between July 1, 2020 and June 30, 2021.
The highest awarded bounty was $200,000 for a vulnerability reported in Hyper-V, Microsoft's OS virtualization technology.
The average bounty was more than $10,000 per valid bug report across all programs.
Most bug reports came from researchers residing in China, the US, and Israel.
The company said it plans to announce the 2021 Most Valuable Security Researcher next month.
The sum awarded this year is identical to what Microsoft reported one year ago when the company said it awarded $13.7 million to 327 security researchers for 1,226 vulnerability reports across 15 bug bounty programs in the previous 12 months (July 1, 2019 to June 30, 2020).
The funds were awarded for 1,261 bugs reported by 341 security researchers across 17 bug bounty platforms between July 1, 2020 and June 30, 2021.
The highest awarded bounty was $200,000 for a vulnerability reported in Hyper-V, Microsoft's OS virtualization technology.
The average bounty was more than $10,000 per valid bug report across all programs.
Most bug reports came from researchers residing in China, the US, and Israel.
The company said it plans to announce the 2021 Most Valuable Security Researcher next month.
The sum awarded this year is identical to what Microsoft reported one year ago when the company said it awarded $13.7 million to 327 security researchers for 1,226 vulnerability reports across 15 bug bounty programs in the previous 12 months (July 1, 2019 to June 30, 2020).
Quandary. (Score:2)
Most bug reports came from researchers residing in China, the US, and Israel.
Must be a quandary for China. Exploit bugs for China's benefit. Find bugs for China's financial benefit.
Re: (Score:1)
It's understandable why you would want to remain anonymous.
What?! (Score:4, Informative)
> The sum awarded this year is identical to what Microsoft reported one year ago when the company said it awarded $13.7 million
Underpaid. (Score:2)
Considering how much you could make with a single ransomware attack, it seems like they aren't paying nearly enough for vulnerability reports.
Windows bugs forever! (Score:2, Interesting)
They'll never get Windows patched to be secure. Rotten foundation.
The is lifetime employment for security researchers.
Re: (Score:1)