This is the Trace Id: 9e68c3ab76b5dc09c5e82583b283e1b8
Skip to main content Report Security Vulnerability Report Abuse Report Infringement Submission FAQs Reporting Vulnerability Security Update Guide Exploitability index Developer API documentation Frequently Asked Questions Technical Security Notifications Glossary Microsoft Bug Bounty Programs Microsoft Active Protections Program BlueHat Security Conference Researcher Recognition Program Windows Security Servicing Criteria Researcher Resource Center Mission Cyber Defense Operations Center Coordinated Vulnerability Disclosure Social Microsoft Security Response Center Security Research & Defense BlueHat Conference Blog Security Researcher Acknowledgments Online Services Researcher Acknowledgments AI Safety Acknowledgements Security Researcher Leaderboard

Microsoft Identity Bounty Improvements

MSRC
/ By Jarek Stanley /

Microsoft is continually improving our existing bounty programs. Today we’re happy to share the latest updates to the Microsoft Identity Bounty. Originally launched in July 2018, the Microsoft Identity bounty program has helped build a partnership with the security research community to improve the security of customer and enterprise identity solutions across Azure, Windows, and OpenID standards. Today’s bounty improvements include:

  • Faster bounty review

  • Rewards will be based on security impact, severity and report quality, supporting faster review and bounty reward decisions for this program

  • Simplified bounty terms

  • The Identity Bounty terms are now easier to read and compare with our other programs, helping researchers better understand scope and focus on high priority targets and awards

  • Higher bounty awards

  • Information Disclosure award range raised to align with other Cloud programs.

Microsoft is committed to continually improving the experience of the many researchers who help us identify vulnerabilities in our products and services and secure Microsoft customers. We regularly launch new bounty programs, like the ElectionGuard bounty last week, to open new avenues of research in emerging technology and create new opportunities to earn bounty rewards. We offer our public thanks for contributions from the security researcher community, and this summer shared successes and lessons learned together on stage at Blackhat USA.

We look forward to sharing more bounty program updates and improvements in the coming months.

Chloé Brown, Program Manager, MSRC

Surface Pro Surface Laptop Surface Laptop Studio 2 Copilot for organizations Copilot for personal use AI in Windows Explore Microsoft products Windows 11 apps Account profile Download Center Microsoft Store support Returns Order tracking Certified Refurbished Microsoft Store Promise Flexible Payments Microsoft in education Devices for education Microsoft Teams for Education Microsoft 365 Education How to buy for your school Educator training and development Deals for students and parents AI for education
Microsoft AI Microsoft Security Dynamics 365 Microsoft 365 Microsoft Power Platform Microsoft Teams Microsoft 365 Copilot Small Business Azure Microsoft Developer Microsoft Learn Support for AI marketplace apps Microsoft Tech Community Microsoft Marketplace Marketplace Rewards Visual Studio Careers About Microsoft Company news Privacy at Microsoft Investors Diversity and inclusion Accessibility Sustainability
English (United States)
Your Privacy Choices Opt-Out Icon Your Privacy Choices
Consumer Health Privacy Sitemap Contact Microsoft Privacy Manage cookies Terms of use Trademarks Safety & eco Recycling About our ads