{"id":1964,"date":"2016-02-13T12:05:49","date_gmt":"2016-02-13T12:05:49","guid":{"rendered":"https:\/\/www.rlogical.com\/?p=1534"},"modified":"2023-03-29T12:09:09","modified_gmt":"2023-03-29T06:39:09","slug":"microsoft-opens-limited-bug-bounty-for-coreclr-and-asp-net-5-betas","status":"publish","type":"post","link":"https:\/\/www.rlogical.com\/blog\/microsoft-opens-limited-bug-bounty-for-coreclr-and-asp-net-5-betas\/","title":{"rendered":"Microsoft Opens Limited Bug Bounty for CoreCLR and ASP.NET 5 Betas"},"content":{"rendered":"<p>Microsoft's bounty program offers lucrative rewards to individuals who can uncover notable threats and flaws in any new software or application developed by the company. The bug bounty program is set up to obtain coherent data on the feasibility of programs and software as well as to reward individuals with technical acumen. <!--more--><\/p>\n<p>Microsoft varies its monetary rewards in the bug bounty scheme from $500 to $100,000 depending on the magnitude of the risk spotted. Microsoft is planning to award bounties of up to $15,000 for finding the most serious flaws in the unreleased beta versions of its latest <span style=\"color: #3366ff;\"><a style=\"color: #3366ff;\" href=\"http:\/\/blogs.msdn.com\/b\/dotnet\/archive\/2015\/02\/03\/coreclr-is-now-open-source.aspx\">CoreCLR<\/a><\/span> and ASP.NET 5 application software.<\/p>\n<p>The varying scale of rewards in the bounty program is meant to encourage proficient research and careful identification of flaws. Through such a program, Microsoft can get a pragmatic evaluation of the beta versions of CoreCLR and ASP.NET 5. Furthermore, researchers and people adept at evaluating <span style=\"color: #3366ff;\"><a style=\"color: #3366ff;\" href=\"http:\/\/www.careerride.com\/ASP-NET-Development-Methodologies.aspx\">ASP.NET Methodologies<\/a><\/span> can make the most of this opportunity. 
Before taking part, participants in this program should make sure they clearly understand the guidelines prescribed by Microsoft for the bug bounty program.<\/p>\n<p>To participate in the Microsoft bug bounty scheme, individuals must assess their eligibility against the criteria set by the company.<\/p>\n<h2>Some of the crucial elements in the criteria set by Microsoft are:<\/h2>\n<ul>\n<li>The reported risk must be new and must not be a recurrence of an earlier issue. There should be no references to the findings of other researchers. Some of the examples include data protection discrepancies, encoding drawbacks etc.<\/li>\n<li>The bounty encompasses the networking stack of the beta or RC1 version of CoreCLR. Networking bugs are excluded from the scope of the bug bounty program.<\/li>\n<li>Vulnerability reports must be clear and ready for processing. This enables faster evaluation of the reports and quicker payment according to the degree of the anomaly reported.<\/li>\n<\/ul>\n<p>The bug bounty program commenced on October 15, 2015 and shall conclude on the 20th of January, 2016. Credible assessment of vulnerabilities and subsequent suggestions for improvement can earn monetary rewards depending on the nature and complexity of the threat.<\/p>\n<p>Microsoft has sole discretion over rewards. The final reports are scrutinized meticulously, and eligible submissions are duly recognized. 
Microsoft determines rewards based on the vulnerability type and the proof submitted to validate the claim.<\/p>\n<h2>Some of the most common threats reported are concerned with the following aspects:<\/h2>\n<ul>\n<li>Privilege elevations<\/li>\n<li>Tampering or imitations<\/li>\n<li>Remote code execution<\/li>\n<li>Template CSRF or XSS<\/li>\n<li>Information misappropriation<\/li>\n<li>Shortcomings in security framework<\/li>\n<li>Remote DoS<\/li>\n<\/ul>\n<p>Payments from Microsoft are made in a comprehensive manner after precise evaluation of the submitted reports by proficient engineers at Microsoft. Proper documentation and paperwork are the standout points in the bug bounty program.<\/p>\n<p>Other crucial requirements of this program include complete confidentiality about the proceedings of your research. Microsoft asks participants to keep secret any exploit code discovered during evaluation of the beta versions of CoreCLR and ASP.NET 5.<\/p>\n<p>Source: <span style=\"color: #3366ff;\"><a style=\"color: #3366ff;\" href=\"http:\/\/www.cso.com.au\/article\/587169\/microsoft-opens-limited-bug-bounty-coreclr-asp-net-5-betas\/\">http:\/\/www.cso.com.au<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The bounty program of Microsoft implies lucrative rewards for individuals who can scour notable threats and flaws in any new software or application developed by the company. 
The bug bounty program is constituted to obtain coherent data on the feasibility of programs and software as well as reward individuals with technical acumen.<\/p>\n","protected":false},"author":5,"featured_media":13974,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1964","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-asp-net-development"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.rlogical.com\/wp-json\/wp\/v2\/posts\/1964","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.rlogical.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.rlogical.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.rlogical.com\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.rlogical.com\/wp-json\/wp\/v2\/comments?post=1964"}],"version-history":[{"count":1,"href":"https:\/\/www.rlogical.com\/wp-json\/wp\/v2\/posts\/1964\/revisions"}],"predecessor-version":[{"id":13981,"href":"https:\/\/www.rlogical.com\/wp-json\/wp\/v2\/posts\/1964\/revisions\/13981"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.rlogical.com\/wp-json\/wp\/v2\/media\/13974"}],"wp:attachment":[{"href":"https:\/\/www.rlogical.com\/wp-json\/wp\/v2\/media?parent=1964"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.rlogical.com\/wp-json\/wp\/v2\/categories?post=1964"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.rlogical.com\/wp-json\/wp\/v2\/tags?post=1964"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}