Microsoft seems to be getting into matters of security with respect to the revamped Chromium- based Edge browser as reports of a new Insider Bounty program for its browser are doing round this week.
The official launch of the Edge browser is not far along and since April the browser has also been available publicly.
Despite having come this close to the launch, security concerns seem to have taken over as the tech titan plans to welcome individuals anywhere in the world to find vulnerabilities in its browser. The Insider Bounty Program carries a good amount of money varying on the severity of the bug that the technician discovers.
The impact and severity of the vulnerability decides both the reward and how classified it is. Depending on the severity, a sum between US$1,000 and US$6,000 can be rewarded to the reporter at the low end of the scale where spoofing and tampering is reported.
For the most critical category of bug, the information disclosure tops out at US$ 10,000. Per vulnerability an Elevation of Privilege ranges between US$5000 and US$15,000.
On finding and reporting a combination of a Windows Defender Application Guard (WDAG) container escape and of an Elevation of Privilege can get the reporter to ear the maximum amount of the reward.
You account will get richer by US$30,000 as you show Microsoft how you achieved that in Edge. Having earned the US$15,000, a reporter can additionally be paid $30,000 from a separate WAG Bounty Program.
These days, software security has incorporated bug bounties given their relevance and significance. For white hat hackers and security researchers it is a great way to earn money and works as a great motivator for them to spot what even the best of tech companies like Microsoft overlooked; by focusing on a piece of software.
This has multi fold benefits not just limited to the tech companies and these security researchers and white hat hackers, but also the consumers.