HomeWinBuzzer NewsMicrosoft Announces Bounty Incentives for Defender Security Flaws

Microsoft Announces Bounty Incentives for Defender Security Flaws

Microsoft launches a new bounty program to incentivize security researchers to find vulnerabilities in its Defender security suite. Rewards range from $500 to $20,000.


has introduced a new bounty program targeting its Microsoft Defender suite of security products. With the offer of substantial financial rewards, Microsoft aims to bolster the security mechanisms of its software by leveraging the skills of security researchers worldwide.

Rewards and Criteria

Under the new program, security researchers have an incentive to discover vulnerabilities in the for Endpoint APIs, the focus of the initial phase of the bounty program. Over time, the scope of this initiative will expand to include other components within the Microsoft Defender brand.

On Microsoft's dedicated bounty page, the criteria for eligibility are outlined: identified bugs must pertain to tampering, spoofing, information disclosure, or privilege elevation to qualify for cash rewards ranging from $500 to $8,000, based on the severity of the bug.

Top Rewards for Critical Flaws

The most substantial payouts, however, are reserved for the discovery of Remote Code Execution (RCE) vulnerabilities in Defender. Researchers identifying RCE issues stand to earn from $5,000 to $20,000. Furthermore, for bugs concerning Microsoft's Bing unveiled earlier, Microsoft offers up to $15,000 in bounties.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News