Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Practical advice for earning higher Microsoft bounty awards

13 Mar 2019   #1

64-bit Windows 10 Pro
Practical advice for earning higher Microsoft bounty awards

This year at the Nullcon International Security Conference I shared practical advice for how security researchers can maximize the impact of their security vulnerability submissions and earn higher bounty awards under the Microsoft Bounty Program. For those who couldn’t be there, I had two core pieces of advice.
  • First, focus vulnerability research on the products and services that are eligible for bounty rewards. The eligible scope is published on our website. We expand our programs throughout the year, so check back regularly for new potential areas to research and follow us on Twitter for announcements of new bounty programs.
  • Second, when reporting security vulnerabilities, provide clear, concise information to help our engineering teams reproduce the vulnerability for themselves. Detailed and well written instructions, or even short videos can more than double the possible award amount for bounty eligible properties.
In addition to talking about vulnerability hunting in Microsoft’s bounty programs, we also want to help security researchers develop their skills. This year we sponsored more than 20 researchers to attend the conference, which included hands on training and workshops on hardware and software security. With almost 2000 attendees from across India, Nullcon was a great place to connect with the security researcher community across the region and see excellent technical talks from James Forshaw, Jaya Baloo, and others. Thanks to Antriksh Shah and the team at Payatu for bringing everyone together for such a great event.

Thank you to everyone who I met at Nullcon and to those who attended my talk. For more details and some real-world examples of high quality and high reward submissions, check out my presentation slides here.

Happy Hacking!
Jarek Stanley, @JarekMSFT
Senior Program Manager

Source: Practical advice for earning higher Microsoft bounty awards MSRC

My System SpecsSystem Spec

 Practical advice for earning higher Microsoft bounty awards

Thread Tools

Similar help and support threads
Thread Forum
Announcing Changes to Microsoft’s Mitigation Bypass Bounty
Source: Announcing Changes to Microsoft's Mitigation Bypass Bounty Defense
Extending the Microsoft Office Bounty Program
Source: Extending the Microsoft Office Bounty Program MSRC
Microsoft Adds OneDrive to Bug Bounty Program
Source: Microsoft Bounty Programs Announce Expansion Bounty for Microsoft OneDrive | MSRC

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 12:51.
Twitter Facebook