Microsoft’s Security Response Center (MSRC) just announced the launch of its Azure DevOps Bounty Program yesterday and it should be exciting news for DevOps customers, particularly those using server solutions.
Along with the announcement, the Bounty Program began yesterday January 17, 2019, and offers a reward of up to $20,000 for whitelisted individuals who find eligible vulnerabilities in both Azure DevOps online services and server product.
The researcher community plays an essential role in keeping our customers secure, and we will review every submission and recognize your efforts according to our program criteria. If your submission isn’t eligible for bounty but still helps us fix or improve our product, we’ll offer public thanks and recognition for your contribution. Please submit your vulnerabilities to [email protected].
To find out more about the Azure DevOps Bounty program and the terms and conditions visit here.