Microsoft kicks off its own bug bounty programme
From the post:
Microsoft has announced a three-pronged bug bounty programme for its upcoming Windows and Internet Explorer versions. The company will start paying security researchers for disclosing security vulnerabilities to it in a responsible manner, similar to Google’s bug bounty programme for Chrome and Chrome OS that has been ongoing since 2010. Under Microsoft’s new initiative, researchers can report vulnerabilities in the under-development Windows 8.1 and the preview of its Internet Explorer 11 browser. If submissions are accompanied by ideas about how to defend against the attack, the submitting researcher will earn a substantial monetary bonus.
Under the Mitigation Bypass Bounty category, Microsoft will pay researchers up to $100,000 for “truly novel exploitation techniques” against the protections of the latest version of Windows, with up to an additional $50,000 BlueHat Bonus for Defense for ideas how to defend against them. These two categories are open indefinitely. Until 26 July, researchers can also earn up to $11,000 for reporting critical vulnerabilities that affect the Internet Explorer 11 Preview on Windows 8.1 Preview. The company’s bug bounty programme will open for submissions on 26 June, the same day that the company plans to release the Windows 8.1 preview to the wider public.
I mention this as a source of funding for startups, particularly those interested in topic maps.