
Microsoft announced today the launch of a new IoT-focused research program with awards of up to $100,000 for vulnerabilities found by security researchers in the Azure Sphere IoT security solution.
The new research challenge, dubbed Azure Sphere Security Research Challenge, is an expansion to the Azure Security Lab bounty program announced by Microsoft last year at Black Hat 2019.
Azure Security Lab’s first phase was announced on August 5, 2019, and it included a sandbox-like environment that allowed security researchers to test Azure’s security, featured an increase in Azure bug bounty rewards, as well as new scenario-based challenge rewards.
With the Azure Sphere Security Research Challenge announcement, Redmond added to the incentives, support resources. and coordination framework to make Coordinated Vulnerability Disclosure (CVD) easier for researchers and to encourage further Azure Sphere research.
Microsoft will award bounties of up to $100,000 during this new research challenge to researchers who can demonstrate their ability to execute code on the Microsoft Pluton security subsystem or the Azure Sphere application platform’s Secure World.