Microsoft recently announced the Azure Security Lab, a sandbox for security personnel to test cloud security. Meanwhile, VentureBeat reports the company also doubled the top Azure bug bounty reward to $40,000.
What’s the Top Azure Bug Bounty?
Bug bounty programs complement internal security and help motivate groups of hackers to find flaws and act as whistleblowers, says VentureBeat.
It also encourages those hackers not to use flaws maliciously or sell them to parties that will.
According to VentureBeat, Microsoft says it has given over $4 million in bounty rewards in the last year alone.
How Azure Security Lab ties in
This new development from Microsoft is a dedicated set of cloud hosts — apart from Azure customers — which allows security researchers to test attacks against scenarios on the cloud, VentureBeat explains.
Isolation allows researchers a chance to find and exploit vulnerabilities in a safe way.
Azure Security Lab is not open to the public. Interested users can apply here.
Incentives to use the lab
VentureBeat says Microsoft promises quarterly campaigns/scenarios with added incentives and swag. Security researchers will also be able to engage directly with Azure security experts.
“We have new scenario-based challenges with additional bounty awards of up to $300,000 in the Azure Security Lab. Throughout the year, more than $2 million of scenario bounty rewards will be offered to Azure Security Lab participants,” Kymberlee Price, Microsoft’s security community manager, told press ahead of the announcement. “The first scenarios will focus on breaking VM-based tenant isolation on Azure.” — from VentureBeat article