This is the Trace Id: d1fde9b56b9872553222d7a55de5e634
Skip to main content Report Security Vulnerability Report Abuse Report Infringement Submission FAQs Reporting Vulnerability Security Update Guide Exploitability index Developer API documentation Frequently Asked Questions Technical Security Notifications Glossary Microsoft Bug Bounty Programs Microsoft Active Protections Program BlueHat Security Conference Researcher Recognition Program Windows Security Servicing Criteria Researcher Resource Center Microsoft Security Response Center Security Research & Defense BlueHat Conference Blog Security Researcher Acknowledgments Online Services Researcher Acknowledgments AI Safety Acknowledgements Security Researcher Leaderboard

Who We Are

Protecting humanity through curiosity

The Microsoft Security Response Center (MSRC) helps protect Microsoft customers and the broader ecosystem from security and privacy threats.

MSRC

We work across Microsoft and with the global security research community to identify, understand, and respond to vulnerabilities. Through this collaboration, MSRC works with product and engineering teams to drive mitigations that strengthen protections and reduce customer risk at scale.

Beyond individual vulnerabilities, we focus on addressing root causes and improving how risks are prevented, detected, and mitigated so customers can benefit from durable, system-wide security improvements.

Our efforts span vulnerability response, researcher programs, and publishing clear, actionable information customers need to understand and manage risk.

MSRC team

MSRC Leadership

MSRC's approach to protecting customers is guided by experienced engineering leadership and clear accountability for security outcomes.

Tom Gallagher

Tom Gallagher

Vice President of Engineering, MSRC

Tom Gallagher joined Microsoft in 1999 as a penetration tester, working on the first release of SharePoint. Over the course of his career at Microsoft, he led the Office Security engineering team before transitioning to MSRC in 2022. He now leads the MSRC team responsible for managing all security vulnerabilities reported to Microsoft.

How We Operate

MSRC protects customers through a combination of cross-company collaboration and operational programs designed to reduce risk at scale.

Vulnerability Response

We investigate every report, coordinate with product teams to get issues fixed, and work with researchers to ensure responsible disclosure.

Bug Bounty

One of the largest bounty programs in the world. Last year we distributed $17M in awards to researchers from 59 countries.

Explore >

Zero Day Quest

Microsoft's invite-only live hacking event bringing together top researchers and engineers for hands-on collaboration.

Learn More >

Transparency & Standards

Part of the CVE program for 25+ years. First to publish CVEs for cloud vulnerabilities. Data enriched with CVE, CPE, CWE, and CSAF.

AI Security

On the front line of AI-specific security risks. Defining industry standards for AI vulnerability classification.

AI Bug Bar >

Follow the Microsoft Security and Response Center (MSRC)

LinkedInXBluesky YouTube
Surface Pro Surface Laptop Surface Laptop Studio 2 Copilot for organizations Copilot for personal use AI in Windows Explore Microsoft products Windows 11 apps Account profile Download Center Microsoft Store support Returns Order tracking Certified Refurbished Microsoft Store Promise Flexible Payments Microsoft in education Devices for education Microsoft Teams for Education Microsoft 365 Education How to buy for your school Educator training and development Deals for students and parents AI for education
Microsoft AI Microsoft Security Dynamics 365 Microsoft 365 Microsoft Power Platform Microsoft Teams Microsoft 365 Copilot Small Business Azure Microsoft Developer Microsoft Learn Support for AI marketplace apps Microsoft Tech Community Microsoft Marketplace Software companies Visual Studio Careers About Microsoft Company news Privacy at Microsoft Investors Diversity and inclusion Accessibility Sustainability
English (United States)
Your Privacy Choices Opt-Out Icon Your Privacy Choices
Consumer Health Privacy Sitemap Contact Microsoft Privacy Manage cookies Terms of use Trademarks Safety & eco Recycling About our ads