Microsoft launched a new bug bounty program specifically aimed at identity services with bounty payouts ranging from $500 to $100,000.
Microsoft’s Identity Bounty program will reward researchers for finding eligible bugs in not only its identity solutions but also for security vulnerabilities in “certified implementations of select OpenID standards.”
Microsoft’s Principal Security Group Manager Phillip Misner announced the new program on the Microsoft Security Response Center (MSRC) blog.