Hackers will receive up to $20,000 under 'XBOX Bounty Program' for finding vulnerabilities in XBOX live network.
The Award for finding vulnerabilities will range from $500-$20,000 depending on the severity.
Microsoft is giving awards(in the form of money) to hackers, gamers and security researchers and invites them to 'XBOX Bounty Program' to find vulnerabilities in XBOX live network and services, Microsoft wants them to submit the vulnerabilities they found, so that Microsoft can fix them, Microsoft will acknowledge a submission even if it doesn't qualify for a award after the bug was fixed.
Under 'XBOX Bounty Program' whoever submits a bug and qualifies for a reward from Microsoft will receive a amount from anywhere between $500 to $20,000. The amount they receive will depend on the quality of the submission(means the clear explanation of the vulnerability in a form of note or a video) and the severity of the bug.
You can submit the vulnerability through the MSRC Submission portal, even if your submission doesn't qualify for a bounty it will be counted in Microsoft's Researcher Recognition Program and leaderboard, you can submit number of submissions to Microsoft.
Microsoft says that "The goal of the bug bounty program is to uncover significant vulnerabilities that have a direct and demonstrable impact on the security of Microsoft’s customers," Each vulnerability category is divided into three levels, High, Medium and Low. each level will have different bounty values.
Microsoft prohibits phishing or other social engineering attacks against it's employees or Xbox customers and accessing the data of a legitimate customer or a account in the process of finding vulnerabilities, Microsoft will respond to any actions on its networks that appear to be malicious.
If you're interested, get the full information about the Bounty program here, This is not the only bounty program by Microsoft, The company runs other bounty programs for other platforms as well. Sony also has the similar bounty program for it's PlayStation network, Companies start these programs to find vulnerabilities before the real hackers do and exploit the vulnerabilities putting user's security at risk.
 |
| Photo by Alex Carmichael on Unsplash One can submit number of submissions to Microsoft |
Microsoft is giving awards(in the form of money) to hackers, gamers and security researchers and invites them to 'XBOX Bounty Program' to find vulnerabilities in XBOX live network and services, Microsoft wants them to submit the vulnerabilities they found, so that Microsoft can fix them, Microsoft will acknowledge a submission even if it doesn't qualify for a award after the bug was fixed.
Under 'XBOX Bounty Program' whoever submits a bug and qualifies for a reward from Microsoft will receive a amount from anywhere between $500 to $20,000. The amount they receive will depend on the quality of the submission(means the clear explanation of the vulnerability in a form of note or a video) and the severity of the bug.
You can submit the vulnerability through the MSRC Submission portal, even if your submission doesn't qualify for a bounty it will be counted in Microsoft's Researcher Recognition Program and leaderboard, you can submit number of submissions to Microsoft.
Microsoft says that "The goal of the bug bounty program is to uncover significant vulnerabilities that have a direct and demonstrable impact on the security of Microsoft’s customers," Each vulnerability category is divided into three levels, High, Medium and Low. each level will have different bounty values.
Microsoft prohibits phishing or other social engineering attacks against it's employees or Xbox customers and accessing the data of a legitimate customer or a account in the process of finding vulnerabilities, Microsoft will respond to any actions on its networks that appear to be malicious.
If you're interested, get the full information about the Bounty program here, This is not the only bounty program by Microsoft, The company runs other bounty programs for other platforms as well. Sony also has the similar bounty program for it's PlayStation network, Companies start these programs to find vulnerabilities before the real hackers do and exploit the vulnerabilities putting user's security at risk.
Comments
Post a Comment
Comment your thoughts and feedback