Microsoft is boosting its efforts to make Azure more secure with the launch of Azure Security Lab, a set of dedicated cloud hosts for security researchers to test attacks against IaaS scenarios. In addition, the cloud giant is doubling the top bounty reward for Azure vulnerabilities to $40,000.
“To make it easier for security researchers to confidently and aggressively test Azure, we are inviting a select group of talented individuals to come and do their worst to emulate criminal hackers in a customer-safe cloud environment called the Azure Security Lab,” Kymberlee Price, principal security PM manager for Microsoft Sercurity Response Center’s community and partner engagement programs, wrote in a blog post.
RELATED CONTENT: Azure targets innovation over domination
The isolation of the Azure Security Lab now allows researchers to exploit vulnerabilities, allowing them to earn up to $300,000 for scenario-based challenges. In addition, the company is formalizing its two-decade commitment to the principle of Safe Harbor, which places immunity from legal repercussions on researchers and to ensure researchers receive proper recognition. Applications to join the Azure Security Lab opened today.
“Partnerships are core to our security strategy, and one of our key partners is the global community of security researchers. By identifying and reporting vulnerabilities to Microsoft through coordinated vulnerability disclosure, security researchers have repeatedly demonstrated that working together helps protect customers,” Price wrote. “In appreciation of their efforts and the opportunity to mitigate issues before they are publicly known and used for harm, we’ve issued $4.4 million dollars in bounty rewards over the past 12 months.”