{"id":76311,"date":"2019-01-17T18:07:20","date_gmt":"2019-01-17T18:07:20","guid":{"rendered":"https:\/\/news.microsoft.com\/?p=430624"},"modified":"2019-01-17T18:07:20","modified_gmt":"2019-01-17T18:07:20","slug":"security-researchers-bug-bounty-program-for-azure-devops-added","status":"publish","type":"post","link":"https:\/\/sickgaming.net\/blog\/2019\/01\/17\/security-researchers-bug-bounty-program-for-azure-devops-added\/","title":{"rendered":"Security researchers: Bug bounty program for Azure DevOps added"},"content":{"rendered":"<header class=\"entry-header full\"> <\/header>\n<p><!-- .entry-header --><\/p>\n<p>It is my pleasure to announce another exciting expansion of the Microsoft Bounty Programs. Today, we are <a href=\"https:\/\/blogs.technet.microsoft.com\/msrc\/2019\/01\/17\/azure-devops-bounty-program\/\">adding a security bug bounty program for Azure DevOps<\/a> in partnership with the Microsoft Security Response Center (MSRC) to our suite of Bounty programs.<\/p>\n<p>Our Bounty program rewards independent security researchers who find flaws and report them to us responsibly. We\u2019ll publicly recognize the researchers who report these security issues, and for high-severity bugs we\u2019ll present payments of up to $20,000 USD.<\/p>\n<p>These rewards help motivate researchers to find security vulnerabilities in our services and let us correct them before they\u2019re exploited by attackers. You can find the <a href=\"https:\/\/www.microsoft.com\/en-us\/msrc\/bounty-azure-devops\">details of our Bug Bounty program with MSRC<\/a>.<\/p>\n<p>Security has always been a passion of mine, and I see this program as a natural complement to our existing security framework. We\u2019ll continue to employ careful code reviews and examine the security of our infrastructure. We\u2019ll still run our security scanning and monitoring tools. And we\u2019ll keep assembling a red team on a regular basis to attack our own systems to identify weaknesses.<\/p>\n<p>If you\u2019re interested in the way our team approaches security and how we continue to evolve our thinking and practices, then I\u2019d encourage you to watch the video of my talk \u201c<a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/devops\/learn\/devops-at-microsoft\/security-in-devops\">Mindset shift to a DevSecOps culture<\/a>.\u201d<\/p>\n<p>This program will help us provide the highest level of security for our customers, protect customer data, and ensure the availability of Azure DevOps. I\u2019m looking forward to seeing what we learn from working more closely with the security community.<\/p>\n<div class=\"author-info\">\n<div class=\"author-avatar\"> <img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"http:\/\/www.sickgaming.net\/blog\/wp-content\/uploads\/2019\/01\/security-researchers-bug-bounty-program-for-azure-devops-added.jpg\" class=\"avatar avatar-42 photo\" height=\"42\" width=\"42\" \/><\/div>\n<p><!-- .author-avatar --> <!-- .author-description -->\n<\/div>\n<p><!-- .author-info --> <\/p>\n","protected":false},"excerpt":{"rendered":"<p>It is my pleasure to announce another exciting expansion of the Microsoft Bounty Programs. Today, we are adding a security bug bounty program for Azure DevOps in partnership with the Microsoft Security Response Center (MSRC) to our suite of Bounty programs. Our Bounty program rewards independent security researchers who find flaws and report them to [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":76312,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[49],"tags":[50,52],"class_list":["post-76311","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-news","tag-recent-news","tag-security"],"_links":{"self":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts\/76311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/comments?post=76311"}],"version-history":[{"count":0,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts\/76311\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/media\/76312"}],"wp:attachment":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/media?parent=76311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/categories?post=76311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/tags?post=76311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}