Microsoft to Crowdsource the Hunt for Security Bugs
Microsoft is turning to the crowd of computer experts, hackers, and coders to find security glitches in its software products, and then to fix those bugs.
And the computer behemoth is offering some big money incentives.
There will be up to $100,000 for information about security bugs that could be used to bypass the defenses of Windows. For those who can come up with techniques to stop similar bugs being exploited in the future there will be an extra $50,000 “Defense Bonus” per submission.
These on-going payments are in addition to the company’s annual Blue Hat Prize that offers cash prizes to researchers who develop new security defenses for Windows.
Rich Rewards
Microsoft will also pay out up to $11,000 for exploits affecting the preview version of Internet Explorer 11.
The payments dwarf those of similar initiatives by some of Microsoft’s keenest rivals such as Google and Mozilla.
“These are super challenging to discover and they require a new technique,” says Mike Reavey, director of Microsoft’s Security Response Center. “So to get people thinking in this area really does require a top-dollar reward.”
Crowdsourcing Benefits
There are several reasons why a distributed knowledge approach can deliver better results than a ‘within our own four walls’ attitude:
- You can find more glitches
- You can find them faster
- Solutions may well exist elsewhere but are being applied to different problems
Currently, Microsoft isn’t finding problems fast enough, and a massively parallel process should be able to buck this state of affairs.
You can read more about this story at Forbes.com.
Add your Comment
[LOGIN FIRST] if you're already a member.fields are required.