Tech giant Microsoft has unveiled a new bug bounty program in which security researchers will receive up to $100,000 to hack their Linux-based its operating system, Azure Sphere.
“We will award up to $100,000 bounty for specific scenarios in the Azure Sphere Security Research Challenge during the program period,” explains Sylvie Liu, a security program manager at Microsoft’s Security Response Center.
There are, of course, conditions attached.
For example, it’s not a challenge to hack into any old Linux OS. Instead, it’s a very unique Linux OS (Azure Sphere Security Research) that Microsoft has in mind: one that will power its end-to-end security framework for Internet-of-Things (IoT).
The Azure Sphere operating system, combined with a stable application environment for additional hardening, is a modified high-level and very lightweight Linux-based one. Put this into a mixture of hardware, software, and the unavoidable cloud, and you get the end-to-end security framework for Microsoft IoT.
Last year, the company developed the Internet of Thing platform for the Azure Sphere OS. The “Azure Sphere Protection Study Test” bug bounty system. The bug bounty program is part of a three-month research challenge running from 1 June through 31 August.
Those who plan to qualify for the program will submit their applications by 15 May 2020. Accepted security researchers should get an e-mail notice of their involvement.
“This research challenge is focused on the Azure Sphere OS. Vulnerabilities found outside the research initiative scope, including the Cloud portion, may be eligible for the public Azure Bounty Program awards,” said the company.
Azure Sphere is designed to help the IoT equation take most of the risk, and that’s why Microsoft announced a new phase in its Azure Sphere Security Research Challenge on May 5.