Breaking News

Sigma Releases 85mm f/1.4 DG DN Art Lens for Sony E Mount Mirrorless Cameras Sony announces WH-1000XM4 industry-leading wireless noise cancelling headphones Samsung Unveils Five New Power Devices in the Galaxy Ecosystem To Empower Your Work and Play Push the Edge with UP Xtreme Lite Dell to out new S2721DGF Monitor, HDR400 2560x1440 at 144 Hz

logo

Microsoft Offers You $100,000 If You Can Hack the Linux-based Azure Sphere

Microsoft Offers You $100,000 If You Can Hack the Linux-based Azure Sphere

Enterprise & IT 0

Microsoft has announced a new research challenge aiming to spark new high impact security research in Azure Sphere, an IoT security solution delivering end to end security across hardware, OS and the cloud.

The Azure Sphere operating system is a customized high-level and very compact Linux-based one, combined with a secure application environment for additional hardening. Throw this into a mix of hardware, software, and the inevitable cloud, and you get Microsoft's IoT end-to-end security platform.

While Azure Sphere implements security upfront and by default, Microsoft recognizes that risks need to be mitigated consistently over the lifetime of a constantly growing array of devices and services. Engaging the security research community to research for high-impact vulnerabilities before the bad guys do is part of the approach Azure Sphere is taking to minimize the risk.

This new research challenge is a three-month, application-only security research challenge offering special bounty awards and providing additional research resources to program participants.

To apply for this research program, submit the application form before May 15, 2020. Applications will be reviewed on a weekly basis and accepted researchers will be notified via email. This research challenge runs from June 1, 2020 through August 31, 2020 for researchers accepted through open application.

Microsoft will award up to $100,000 bounty for specific scenarios in the Azure Sphere Security Research Challenge during the program period.

Two key scenarios are below, and additional research scenarios, awards and program resources can be found in Azure Security Lab program page.

  • Ability to execute code on Pluton: $100,000
  • Ability to execute code on Secure World: $100,000

This research challenge is focused on the Azure Sphere OS. Vulnerabilities found outside the research initiative scope, including the Cloud portion, may be eligible for the public Azure Bounty Program awards. Physical attacks are out of scope for this research challenge and the public Azure Bounty Program.

The Azure Sphere Security Research Challenge provides resources to support research, including:

  • Azure Sphere development kit (DevKit)
  • Access to Microsoft products and services for research purposes
  • Azure Sphere product documentation
  • Direct communication channels with the Microsoft team

Related Posts

0 Comments

Leave a Reply

More information about text formats

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

BBCode

  • No HTML tags allowed.
  • You may use these tags: [abbr], [acronym], [b], [center], [code], [color], [define], [font], [h1], [h2], [h3], [h4], [h5], [h6], [hr], [i], [img], [justify], [left], [list], [node], [php], [quote], [right], [s], [size], [sub], [sup], [u], [url], [wikipedia], [youtube], [align], [link], [ol], [ul]
  • Lines and paragraphs break automatically.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.