In a three-month challenge, Microsoft is offering hackers up to $100,000 if they can break the security of its custom Linux OS. The challenge is focused on the Azure Sphere OS for which, Microsoft built a compact and custom version of Linux last year.
“This new research challenge aims to spark new high impact security research in Azure Sphere, a comprehensive IoT security solution delivering end to end security across hardware, OS and the cloud,” said Sylvie Liu, a security programme manager at Microsoft’s Security Response Center. “Engaging the security research community to research for high-impact vulnerabilities before the bad guys do is part of the holistic approach Azure Sphere is taking to minimize the risk,” Liu added.
The bug bounty programme is part of a three-month research challenge that runs from June 1 until August 31. “We will award up to $100,000 bounty for specific scenarios in the Azure Sphere Security Research Challenge during the programme period,” said Liu.
Azure Sphere was announced at last year’s Build developer conference. “This research challenge is focused on the Azure Sphere OS. Vulnerabilities found outside the research initiative scope, including the Cloud portion, may be eligible for the public Azure Bounty Program awards,” said the company. Microsoft said its partnership with the global security community is key to keeping the customers secure