Microsoft has announced a major upgrade to the security protections in its Azure cloud computing service.
During the Black Hat USA conference, which took place earlier this week in Las Vegas, the Redmond software giant announced Azure (opens in new tab)Security Lab, an invite-only set of cloud hosts, where hackers will get a chance to “confidently and aggressively test Azure.”
Azure Security Lab is something of a sandbox, given that it’s fully isolated from the main Azure framework. All invited testers will work with Microsoft’s team, as well.
The company says that the invited hackers should “do their worst" and revealed an upgraded bug bounty program alongside the launch.
"The isolation of the Azure Security Lab allows us offer something new: researchers can not only research vulnerabilities in Azure, they can attempt to exploit them," the company said.
"Accepted applicants will have access to quarterly campaigns for targeted scenarios with added incentives, as well as regular recognition and exclusive swag."
Microsoft is offering up to $300,000 for anyone who breaches Azure’s security (depending on the severity of the breach, obviously), and the applications are now available. Then there’s also the traditional Azure bug bounty program, which paid out more than $4.4 million in rewards, in the past 12 months.
Even though original Cloud Bounty pay-outs were capped at $20,000, the awards have been doubled for Azure. Besides, Microsoft offers top dollar for flaws (opens in new tab) in the Microsoft Mitigation Bypass Bounty, as well as the Bounty for Defence Programs (up to $100,000).