Wednesday, August 05, 2020

Microsoft has paid security researchers $13.7 million for bug bounties in 12 months

This is a lot of money to squash bugs! Is it not cheaper and more beneficial to prevent bugs in house? How buggy is Microsoft software? How wise is it to have outsiders find your bugs?

"... Over the past 12 months, Microsoft received 1,226 eligible vulnerability reports across its 15 bug bounty programs. But the $13.7 million is the standout number — that’s a huge bug bounty amount to spend in one year. Google, which is well known for its bug bounty programs, has paid $21 million over nine years — the company started paying bug bounties in November 2010. ..."

No comments: