Microsoft offers hackers $100K to break Azure Sphere

Microsoft announces $100,000 bounty for exposing vulnerabilities in Azure Sphere

Microsoft recently launched the Azure Sphere Research Challenge, offering approved security researchers up to a $100,000 reward for identifying dangerous exploits that could potentially impact the security of Azure Sphere, the company’s Linux-based platform for IoT devices.

Azure Sphere became available to users in February 2020, and Microsoft is now ready to hand the reins to select hackers and allow them to probe it for vulnerabilities. The Azure Sphere Research Challenge is in addition to Microsoft’s current Azure Security Lab initiative, which Microsoft announced at Black Hat in August 2019.

The new Azure Sphere Research Challenge is a three-month event that could provide hackers a hefty $100,000 bounty. To earn the six-figure reward, researchers must successfully execute code on Azure Pluton or Azure Secure World.

To participate in the challenge, individuals must submit an application to Microsoft before May 15, 2020. Microsoft will review applications each week and notify those who’ve been accepted via email. 

Microsoft will supply approved hackers with an Azure Sphere development kit, access to Microsoft products and services, Azure Sphere product documentation and direct communication with the Microsoft team. 

"By expanding the Azure Security Lab, we're providing more content and resources to better arm security researchers with the tools needed to research high-impact vulnerabilities in the cloud," Microsoft noted in the announcement. 

Microsoft is also tapping security firms, such as Avira, Baidu International Technology, Bitdefender, Bugcrowd, Cisco's Talos team, ESET, FireEye, F-Secure Corporation, HackerOne, K7 Computing, McAfee, Palo Alto Networks and Zscaler to participate.

Microsoft’s Azure Sphere Research Challenge will run from June 1, 2020, through Aug. 31, 2020

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Most Popular

Citrix buys Slack competitor Wrike in record $2.25bn deal

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021