Microsoft Bug Bounty Program Offers Big Rewards for Finding Flaws in Project Spartan, Windows 10

Keeping on top of all the possible security flaws in the world’s most popular Web browser may be too much for any single organization, which is why the Microsoft bug bounty program for Project Spartan will grant researchers rewards as high as $15,000 for finding flaws.

In a blog post, the Washington-based software giant challenged white-hat hackers and other security experts to send a vulnerability report detailing functioning flaws between now and June 22. Of course, most of the findings in the Microsoft bug bounty program are expected to be minor and will likely earn payouts in the $500 to $6,000 range.

As Computerworld noted, the upper end of the financial incentive to better secure Project Spartan is 36 percent higher than the Microsoft bug bounty program for Internet Explorer 11. The official name of Project Spartan will likely be revealed during the company’s upcoming Build conference, and the browser could launch by the early summer.

However, Project Spartan isn’t Microsoft’s only bounty program open to security experts. VentureBeat reported that the company has created similar initiatives to protect a range of its other projects, most notably its cloud computing service, Azure, and the upcoming Office Sway. These vulnerability assessments are highly valuable to the company since they provide a way to outsmart cybercriminals before they strike.

Of course, Project Spartan will be a big part of Microsoft’s overall portfolio surrounding Windows 10, its core platform that will also come out later this year. BetaNews observed that the company has already been looking for feedback about any potential flaws within the operating system’s recently released technical preview.

Even in the past few months, there have been examples of security researchers helping companies such as eBay fend off potential flaws through programs similar to Microsoft’s. On the other hand, a recent study suggests the company may want to focus on other tactics.

A story on The Register profiled a presentation from the RSA Conference in which researchers from the Massachusetts Institute of Technology and an organization called HackerOne analyzed the bug bounty program for Internet Explorer 11. They concluded that offering more money doesn’t necessarily mean that more flaws will be discovered or that bigger bugs won’t be found in later versions of the software.

Given how widely Windows 10 and Project Spartan may be adopted, it’s still a good idea that Microsoft is encouraging the security community to work together on protecting its software. Hopefully, the Microsoft bug bounty program is just the first phase of an industry-wide effort to provide a more long-term, trustworthy computing experience.

Image Source: iStock

Shane Schick

Writer & Editor

Shane Schick is a writer, editor and speaker who focuses on how information technology creates business value. He lives...