At Ignite, Microsoft announced a new event for security researchers: Zero Day Quest. Those who find bugs there will be rewarded from a prize pool of four million euros.
At its Ignite conference, Microsoft wants to make it clear that security is now in the company’s DNA. Earlier, CEO Satya Nadella modified the company’s priorities based on three pillars. To make it clear that Redmond really means security, Microsoft is now launching Zero Day Quest.
Zero Day Quest is a new event for security researchers. The event joins the existing bug bounty program. Those who find bugs under that program are financially rewarded. Microsoft says it pays out about $16 million a year in rewards.
Four million dollars
Zero Day Quest comes with its own prize pool of four million dollars. The event focuses specifically on cloud and AI, as that is where Microsoft sees the biggest impact for its customers. That may be a little short of the mark, since problems with Exchange have undoubtedly had the biggest impact in recent years, but Microsoft wants to be clear that its latest products are not leaky.
The Quest starts immediately and ends with a physical event. Hackers can earn their spot by distinguishing themselves in advance. Microsoft wants the event to focus on targeted scenarios in which bugs should be uncovered. Details of bugs found will be shared, but only after they are fixed. Frank Shaw, Microsoft’s corporate VP for communications, is already not shying away from superlatives. The event is said to be the largest in the industry, as is the prize pool.
The goal, according to Microsoft, is not only to find and fix bugs before they can be exploited, but also to establish closer cooperation between the Microsoft Security Response Center (MSRC), product teams and outside researchers.