Microsoft is offering rewards of up to $20,000 for flaws in its Azure DevOps online services and servers. The bug bounty program doesn t have an end date and any researcher can participate, a Microsoft spokesperson told Threatpost. Qualified submissions are eligible for bug bounty rewards ranging from $500 to $10,000. The bounty program touches on Microsoft s array of digital identity solutions, which tout strong authentication, secure sign-in sessions and API security. In July, Microsoft kicked off a bug-bounty program, offering payouts as high as $100,000 in identity services and implementations of the OpenID standard.
Source: https://threatpost.com/microsoft-launches-azure-devops-bug-bounty-program/140984/