The payout for the Teams bug bounty program is twice the maximum amount Microsoft offers for any other Office application
Microsoft said the app’s desktop client is the “first in-scope application” under the new program
New Delhi: Tech giant Microsoft is offering up to $30,000 to security researchers who can find bugs in the Microsoft Teams application. The remote working and collaboration platform has gained prominence over the past year, alongside competing platforms like Zoom and Google Meet.
The company's new bug bounty program for Teams shows that the platform plays an important role in its future plans.
According to ComputerWorld, the payout for the Teams bug bounty program is twice the maximum amount Microsoft offers for any other Office application. In a blog post on 24 March, Microsoft said the app’s desktop client is the “first in-scope application" under the new program.
Further, the program includes five “scenario-based awards" for vulnerabilities that may impact the customer privacy and security the most. Rewards for these scenarios range between $6000 and $30,000. There will also be General Bounty Awards for “other valid vulnerability reports" for the Teams desktop client, the payout for which range between $500 and $15,000.
For Teams Online, researchers will also be allowed to submit vulnerability reports to Microsoft through the company’s Online Services Bounty Program. The company is also offering twice the recognition for researchers who submit vulnerability reports for Teams. The company has a program called c, under which it offers points to security researchers for reporting vulnerabilities. The company maintains a global leaderboard of the same and offers exclusive access to top ranking researchers.
The new program essentially elevates Teams’ importance in Microsoft’s suite of apps. Bug bounty programs have traditionally been used by big tech corporations to deter hackers from going after their platforms. But companies tend to offer such programs only for their most important services.