Microsoft has awarded $13.7 million to security researchers who have reported vulnerabilities over the last 12 months through 15 bug bounty programs. Microsoft received 1,226 eligible vulnerability reports from 327 security researchers located in countries from six continents. Microsoft also joined the Open Source Security Foundation (OpenSSF) as a founding member, alongside GitHub, Google, IBM, JPMC, NCC Group, OWASP Foundation, and Red Hat. In 2020 alone, Microsoft launched two new research grants and six new bug bounties.
Source: https://www.bleepingcomputer.com/news/security/microsoft-paid-almost-14m-in-bounties-over-the-last-12-months/